Fix race/oops in tty layer after BKL pushdown
[linux-2.6] / fs / dquot.c
1 /*
2  * Implementation of the diskquota system for the LINUX operating system. QUOTA
3  * is implemented using the BSD system call interface as the means of
4  * communication with the user level. This file contains the generic routines
5  * called by the different filesystems on allocation of an inode or block.
6  * These routines take care of the administration needed to have a consistent
7  * diskquota tracking system. The ideas of both user and group quotas are based
8  * on the Melbourne quota system as used on BSD derived systems. The internal
9  * implementation is based on one of the several variants of the LINUX
10  * inode-subsystem with added complexity of the diskquota system.
11  * 
12  * Version: $Id: dquot.c,v 6.3 1996/11/17 18:35:34 mvw Exp mvw $
13  * 
14  * Author:      Marco van Wieringen <mvw@planets.elm.net>
15  *
16  * Fixes:   Dmitry Gorodchanin <pgmdsg@ibi.com>, 11 Feb 96
17  *
18  *              Revised list management to avoid races
19  *              -- Bill Hawes, <whawes@star.net>, 9/98
20  *
21  *              Fixed races in dquot_transfer(), dqget() and dquot_alloc_...().
22  *              As the consequence the locking was moved from dquot_decr_...(),
23  *              dquot_incr_...() to calling functions.
24  *              invalidate_dquots() now writes modified dquots.
25  *              Serialized quota_off() and quota_on() for mount point.
26  *              Fixed a few bugs in grow_dquots().
27  *              Fixed deadlock in write_dquot() - we no longer account quotas on
28  *              quota files
29  *              remove_dquot_ref() moved to inode.c - it now traverses through inodes
30  *              add_dquot_ref() restarts after blocking
31  *              Added check for bogus uid and fixed check for group in quotactl.
32  *              Jan Kara, <jack@suse.cz>, sponsored by SuSE CR, 10-11/99
33  *
34  *              Used struct list_head instead of own list struct
35  *              Invalidation of referenced dquots is no longer possible
36  *              Improved free_dquots list management
37  *              Quota and i_blocks are now updated in one place to avoid races
38  *              Warnings are now delayed so we won't block in critical section
39  *              Write updated not to require dquot lock
40  *              Jan Kara, <jack@suse.cz>, 9/2000
41  *
42  *              Added dynamic quota structure allocation
43  *              Jan Kara <jack@suse.cz> 12/2000
44  *
45  *              Rewritten quota interface. Implemented new quota format and
46  *              formats registering.
47  *              Jan Kara, <jack@suse.cz>, 2001,2002
48  *
49  *              New SMP locking.
50  *              Jan Kara, <jack@suse.cz>, 10/2002
51  *
52  *              Added journalled quota support, fix lock inversion problems
53  *              Jan Kara, <jack@suse.cz>, 2003,2004
54  *
55  * (C) Copyright 1994 - 1997 Marco van Wieringen 
56  */
57
58 #include <linux/errno.h>
59 #include <linux/kernel.h>
60 #include <linux/fs.h>
61 #include <linux/mount.h>
62 #include <linux/mm.h>
63 #include <linux/time.h>
64 #include <linux/types.h>
65 #include <linux/string.h>
66 #include <linux/fcntl.h>
67 #include <linux/stat.h>
68 #include <linux/tty.h>
69 #include <linux/file.h>
70 #include <linux/slab.h>
71 #include <linux/sysctl.h>
72 #include <linux/init.h>
73 #include <linux/module.h>
74 #include <linux/proc_fs.h>
75 #include <linux/security.h>
76 #include <linux/kmod.h>
77 #include <linux/namei.h>
78 #include <linux/buffer_head.h>
79 #include <linux/capability.h>
80 #include <linux/quotaops.h>
81 #include <linux/writeback.h> /* for inode_lock, oddly enough.. */
82 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
83 #include <net/netlink.h>
84 #include <net/genetlink.h>
85 #endif
86
87 #include <asm/uaccess.h>
88
89 #define __DQUOT_PARANOIA
90
91 /*
92  * There are two quota SMP locks. dq_list_lock protects all lists with quotas
93  * and quota formats and also dqstats structure containing statistics about the
94  * lists. dq_data_lock protects data from dq_dqb and also mem_dqinfo structures
95  * and also guards consistency of dquot->dq_dqb with inode->i_blocks, i_bytes.
96  * i_blocks and i_bytes updates itself are guarded by i_lock acquired directly
97  * in inode_add_bytes() and inode_sub_bytes().
98  *
99  * The spinlock ordering is hence: dq_data_lock > dq_list_lock > i_lock
100  *
101  * Note that some things (eg. sb pointer, type, id) doesn't change during
102  * the life of the dquot structure and so needn't to be protected by a lock
103  *
104  * Any operation working on dquots via inode pointers must hold dqptr_sem.  If
105  * operation is just reading pointers from inode (or not using them at all) the
106  * read lock is enough. If pointers are altered function must hold write lock
107  * (these locking rules also apply for S_NOQUOTA flag in the inode - note that
108  * for altering the flag i_mutex is also needed).  If operation is holding
109  * reference to dquot in other way (e.g. quotactl ops) it must be guarded by
110  * dqonoff_mutex.
111  * This locking assures that:
112  *   a) update/access to dquot pointers in inode is serialized
113  *   b) everyone is guarded against invalidate_dquots()
114  *
115  * Each dquot has its dq_lock mutex. Locked dquots might not be referenced
116  * from inodes (dquot_alloc_space() and such don't check the dq_lock).
117  * Currently dquot is locked only when it is being read to memory (or space for
118  * it is being allocated) on the first dqget() and when it is being released on
119  * the last dqput(). The allocation and release oparations are serialized by
120  * the dq_lock and by checking the use count in dquot_release().  Write
121  * operations on dquots don't hold dq_lock as they copy data under dq_data_lock
122  * spinlock to internal buffers before writing.
123  *
124  * Lock ordering (including related VFS locks) is the following:
125  *   i_mutex > dqonoff_sem > journal_lock > dqptr_sem > dquot->dq_lock >
126  *   dqio_mutex
127  * i_mutex on quota files is special (it's below dqio_mutex)
128  */
129
130 static DEFINE_SPINLOCK(dq_list_lock);
131 DEFINE_SPINLOCK(dq_data_lock);
132
133 static char *quotatypes[] = INITQFNAMES;
134 static struct quota_format_type *quota_formats; /* List of registered formats */
135 static struct quota_module_name module_names[] = INIT_QUOTA_MODULE_NAMES;
136
137 /* SLAB cache for dquot structures */
138 static struct kmem_cache *dquot_cachep;
139
140 int register_quota_format(struct quota_format_type *fmt)
141 {
142         spin_lock(&dq_list_lock);
143         fmt->qf_next = quota_formats;
144         quota_formats = fmt;
145         spin_unlock(&dq_list_lock);
146         return 0;
147 }
148
149 void unregister_quota_format(struct quota_format_type *fmt)
150 {
151         struct quota_format_type **actqf;
152
153         spin_lock(&dq_list_lock);
154         for (actqf = &quota_formats; *actqf && *actqf != fmt; actqf = &(*actqf)->qf_next);
155         if (*actqf)
156                 *actqf = (*actqf)->qf_next;
157         spin_unlock(&dq_list_lock);
158 }
159
160 static struct quota_format_type *find_quota_format(int id)
161 {
162         struct quota_format_type *actqf;
163
164         spin_lock(&dq_list_lock);
165         for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id; actqf = actqf->qf_next);
166         if (!actqf || !try_module_get(actqf->qf_owner)) {
167                 int qm;
168
169                 spin_unlock(&dq_list_lock);
170                 
171                 for (qm = 0; module_names[qm].qm_fmt_id && module_names[qm].qm_fmt_id != id; qm++);
172                 if (!module_names[qm].qm_fmt_id || request_module(module_names[qm].qm_mod_name))
173                         return NULL;
174
175                 spin_lock(&dq_list_lock);
176                 for (actqf = quota_formats; actqf && actqf->qf_fmt_id != id; actqf = actqf->qf_next);
177                 if (actqf && !try_module_get(actqf->qf_owner))
178                         actqf = NULL;
179         }
180         spin_unlock(&dq_list_lock);
181         return actqf;
182 }
183
184 static void put_quota_format(struct quota_format_type *fmt)
185 {
186         module_put(fmt->qf_owner);
187 }
188
189 /*
190  * Dquot List Management:
191  * The quota code uses three lists for dquot management: the inuse_list,
192  * free_dquots, and dquot_hash[] array. A single dquot structure may be
193  * on all three lists, depending on its current state.
194  *
195  * All dquots are placed to the end of inuse_list when first created, and this
196  * list is used for invalidate operation, which must look at every dquot.
197  *
198  * Unused dquots (dq_count == 0) are added to the free_dquots list when freed,
199  * and this list is searched whenever we need an available dquot.  Dquots are
200  * removed from the list as soon as they are used again, and
201  * dqstats.free_dquots gives the number of dquots on the list. When
202  * dquot is invalidated it's completely released from memory.
203  *
204  * Dquots with a specific identity (device, type and id) are placed on
205  * one of the dquot_hash[] hash chains. The provides an efficient search
206  * mechanism to locate a specific dquot.
207  */
208
209 static LIST_HEAD(inuse_list);
210 static LIST_HEAD(free_dquots);
211 static unsigned int dq_hash_bits, dq_hash_mask;
212 static struct hlist_head *dquot_hash;
213
214 struct dqstats dqstats;
215
216 static void dqput(struct dquot *dquot);
217
218 static inline unsigned int
219 hashfn(const struct super_block *sb, unsigned int id, int type)
220 {
221         unsigned long tmp;
222
223         tmp = (((unsigned long)sb>>L1_CACHE_SHIFT) ^ id) * (MAXQUOTAS - type);
224         return (tmp + (tmp >> dq_hash_bits)) & dq_hash_mask;
225 }
226
227 /*
228  * Following list functions expect dq_list_lock to be held
229  */
230 static inline void insert_dquot_hash(struct dquot *dquot)
231 {
232         struct hlist_head *head = dquot_hash + hashfn(dquot->dq_sb, dquot->dq_id, dquot->dq_type);
233         hlist_add_head(&dquot->dq_hash, head);
234 }
235
236 static inline void remove_dquot_hash(struct dquot *dquot)
237 {
238         hlist_del_init(&dquot->dq_hash);
239 }
240
241 static inline struct dquot *find_dquot(unsigned int hashent, struct super_block *sb, unsigned int id, int type)
242 {
243         struct hlist_node *node;
244         struct dquot *dquot;
245
246         hlist_for_each (node, dquot_hash+hashent) {
247                 dquot = hlist_entry(node, struct dquot, dq_hash);
248                 if (dquot->dq_sb == sb && dquot->dq_id == id && dquot->dq_type == type)
249                         return dquot;
250         }
251         return NODQUOT;
252 }
253
254 /* Add a dquot to the tail of the free list */
255 static inline void put_dquot_last(struct dquot *dquot)
256 {
257         list_add_tail(&dquot->dq_free, &free_dquots);
258         dqstats.free_dquots++;
259 }
260
261 static inline void remove_free_dquot(struct dquot *dquot)
262 {
263         if (list_empty(&dquot->dq_free))
264                 return;
265         list_del_init(&dquot->dq_free);
266         dqstats.free_dquots--;
267 }
268
269 static inline void put_inuse(struct dquot *dquot)
270 {
271         /* We add to the back of inuse list so we don't have to restart
272          * when traversing this list and we block */
273         list_add_tail(&dquot->dq_inuse, &inuse_list);
274         dqstats.allocated_dquots++;
275 }
276
277 static inline void remove_inuse(struct dquot *dquot)
278 {
279         dqstats.allocated_dquots--;
280         list_del(&dquot->dq_inuse);
281 }
282 /*
283  * End of list functions needing dq_list_lock
284  */
285
286 static void wait_on_dquot(struct dquot *dquot)
287 {
288         mutex_lock(&dquot->dq_lock);
289         mutex_unlock(&dquot->dq_lock);
290 }
291
292 static inline int dquot_dirty(struct dquot *dquot)
293 {
294         return test_bit(DQ_MOD_B, &dquot->dq_flags);
295 }
296
297 static inline int mark_dquot_dirty(struct dquot *dquot)
298 {
299         return dquot->dq_sb->dq_op->mark_dirty(dquot);
300 }
301
302 int dquot_mark_dquot_dirty(struct dquot *dquot)
303 {
304         spin_lock(&dq_list_lock);
305         if (!test_and_set_bit(DQ_MOD_B, &dquot->dq_flags))
306                 list_add(&dquot->dq_dirty, &sb_dqopt(dquot->dq_sb)->
307                                 info[dquot->dq_type].dqi_dirty_list);
308         spin_unlock(&dq_list_lock);
309         return 0;
310 }
311
312 /* This function needs dq_list_lock */
313 static inline int clear_dquot_dirty(struct dquot *dquot)
314 {
315         if (!test_and_clear_bit(DQ_MOD_B, &dquot->dq_flags))
316                 return 0;
317         list_del_init(&dquot->dq_dirty);
318         return 1;
319 }
320
321 void mark_info_dirty(struct super_block *sb, int type)
322 {
323         set_bit(DQF_INFO_DIRTY_B, &sb_dqopt(sb)->info[type].dqi_flags);
324 }
325 EXPORT_SYMBOL(mark_info_dirty);
326
327 /*
328  *      Read dquot from disk and alloc space for it
329  */
330
331 int dquot_acquire(struct dquot *dquot)
332 {
333         int ret = 0, ret2 = 0;
334         struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
335
336         mutex_lock(&dquot->dq_lock);
337         mutex_lock(&dqopt->dqio_mutex);
338         if (!test_bit(DQ_READ_B, &dquot->dq_flags))
339                 ret = dqopt->ops[dquot->dq_type]->read_dqblk(dquot);
340         if (ret < 0)
341                 goto out_iolock;
342         set_bit(DQ_READ_B, &dquot->dq_flags);
343         /* Instantiate dquot if needed */
344         if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags) && !dquot->dq_off) {
345                 ret = dqopt->ops[dquot->dq_type]->commit_dqblk(dquot);
346                 /* Write the info if needed */
347                 if (info_dirty(&dqopt->info[dquot->dq_type]))
348                         ret2 = dqopt->ops[dquot->dq_type]->write_file_info(dquot->dq_sb, dquot->dq_type);
349                 if (ret < 0)
350                         goto out_iolock;
351                 if (ret2 < 0) {
352                         ret = ret2;
353                         goto out_iolock;
354                 }
355         }
356         set_bit(DQ_ACTIVE_B, &dquot->dq_flags);
357 out_iolock:
358         mutex_unlock(&dqopt->dqio_mutex);
359         mutex_unlock(&dquot->dq_lock);
360         return ret;
361 }
362
363 /*
364  *      Write dquot to disk
365  */
366 int dquot_commit(struct dquot *dquot)
367 {
368         int ret = 0, ret2 = 0;
369         struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
370
371         mutex_lock(&dqopt->dqio_mutex);
372         spin_lock(&dq_list_lock);
373         if (!clear_dquot_dirty(dquot)) {
374                 spin_unlock(&dq_list_lock);
375                 goto out_sem;
376         }
377         spin_unlock(&dq_list_lock);
378         /* Inactive dquot can be only if there was error during read/init
379          * => we have better not writing it */
380         if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags)) {
381                 ret = dqopt->ops[dquot->dq_type]->commit_dqblk(dquot);
382                 if (info_dirty(&dqopt->info[dquot->dq_type]))
383                         ret2 = dqopt->ops[dquot->dq_type]->write_file_info(dquot->dq_sb, dquot->dq_type);
384                 if (ret >= 0)
385                         ret = ret2;
386         }
387 out_sem:
388         mutex_unlock(&dqopt->dqio_mutex);
389         return ret;
390 }
391
392 /*
393  *      Release dquot
394  */
395 int dquot_release(struct dquot *dquot)
396 {
397         int ret = 0, ret2 = 0;
398         struct quota_info *dqopt = sb_dqopt(dquot->dq_sb);
399
400         mutex_lock(&dquot->dq_lock);
401         /* Check whether we are not racing with some other dqget() */
402         if (atomic_read(&dquot->dq_count) > 1)
403                 goto out_dqlock;
404         mutex_lock(&dqopt->dqio_mutex);
405         if (dqopt->ops[dquot->dq_type]->release_dqblk) {
406                 ret = dqopt->ops[dquot->dq_type]->release_dqblk(dquot);
407                 /* Write the info */
408                 if (info_dirty(&dqopt->info[dquot->dq_type]))
409                         ret2 = dqopt->ops[dquot->dq_type]->write_file_info(dquot->dq_sb, dquot->dq_type);
410                 if (ret >= 0)
411                         ret = ret2;
412         }
413         clear_bit(DQ_ACTIVE_B, &dquot->dq_flags);
414         mutex_unlock(&dqopt->dqio_mutex);
415 out_dqlock:
416         mutex_unlock(&dquot->dq_lock);
417         return ret;
418 }
419
420 /* Invalidate all dquots on the list. Note that this function is called after
421  * quota is disabled and pointers from inodes removed so there cannot be new
422  * quota users. There can still be some users of quotas due to inodes being
423  * just deleted or pruned by prune_icache() (those are not attached to any
424  * list). We have to wait for such users.
425  */
426 static void invalidate_dquots(struct super_block *sb, int type)
427 {
428         struct dquot *dquot, *tmp;
429
430 restart:
431         spin_lock(&dq_list_lock);
432         list_for_each_entry_safe(dquot, tmp, &inuse_list, dq_inuse) {
433                 if (dquot->dq_sb != sb)
434                         continue;
435                 if (dquot->dq_type != type)
436                         continue;
437                 /* Wait for dquot users */
438                 if (atomic_read(&dquot->dq_count)) {
439                         DEFINE_WAIT(wait);
440
441                         atomic_inc(&dquot->dq_count);
442                         prepare_to_wait(&dquot->dq_wait_unused, &wait,
443                                         TASK_UNINTERRUPTIBLE);
444                         spin_unlock(&dq_list_lock);
445                         /* Once dqput() wakes us up, we know it's time to free
446                          * the dquot.
447                          * IMPORTANT: we rely on the fact that there is always
448                          * at most one process waiting for dquot to free.
449                          * Otherwise dq_count would be > 1 and we would never
450                          * wake up.
451                          */
452                         if (atomic_read(&dquot->dq_count) > 1)
453                                 schedule();
454                         finish_wait(&dquot->dq_wait_unused, &wait);
455                         dqput(dquot);
456                         /* At this moment dquot() need not exist (it could be
457                          * reclaimed by prune_dqcache(). Hence we must
458                          * restart. */
459                         goto restart;
460                 }
461                 /*
462                  * Quota now has no users and it has been written on last
463                  * dqput()
464                  */
465                 remove_dquot_hash(dquot);
466                 remove_free_dquot(dquot);
467                 remove_inuse(dquot);
468                 kmem_cache_free(dquot_cachep, dquot);
469         }
470         spin_unlock(&dq_list_lock);
471 }
472
473 int vfs_quota_sync(struct super_block *sb, int type)
474 {
475         struct list_head *dirty;
476         struct dquot *dquot;
477         struct quota_info *dqopt = sb_dqopt(sb);
478         int cnt;
479
480         mutex_lock(&dqopt->dqonoff_mutex);
481         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
482                 if (type != -1 && cnt != type)
483                         continue;
484                 if (!sb_has_quota_enabled(sb, cnt))
485                         continue;
486                 spin_lock(&dq_list_lock);
487                 dirty = &dqopt->info[cnt].dqi_dirty_list;
488                 while (!list_empty(dirty)) {
489                         dquot = list_first_entry(dirty, struct dquot, dq_dirty);
490                         /* Dirty and inactive can be only bad dquot... */
491                         if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags)) {
492                                 clear_dquot_dirty(dquot);
493                                 continue;
494                         }
495                         /* Now we have active dquot from which someone is
496                          * holding reference so we can safely just increase
497                          * use count */
498                         atomic_inc(&dquot->dq_count);
499                         dqstats.lookups++;
500                         spin_unlock(&dq_list_lock);
501                         sb->dq_op->write_dquot(dquot);
502                         dqput(dquot);
503                         spin_lock(&dq_list_lock);
504                 }
505                 spin_unlock(&dq_list_lock);
506         }
507
508         for (cnt = 0; cnt < MAXQUOTAS; cnt++)
509                 if ((cnt == type || type == -1) && sb_has_quota_enabled(sb, cnt)
510                         && info_dirty(&dqopt->info[cnt]))
511                         sb->dq_op->write_info(sb, cnt);
512         spin_lock(&dq_list_lock);
513         dqstats.syncs++;
514         spin_unlock(&dq_list_lock);
515         mutex_unlock(&dqopt->dqonoff_mutex);
516
517         return 0;
518 }
519
520 /* Free unused dquots from cache */
521 static void prune_dqcache(int count)
522 {
523         struct list_head *head;
524         struct dquot *dquot;
525
526         head = free_dquots.prev;
527         while (head != &free_dquots && count) {
528                 dquot = list_entry(head, struct dquot, dq_free);
529                 remove_dquot_hash(dquot);
530                 remove_free_dquot(dquot);
531                 remove_inuse(dquot);
532                 kmem_cache_free(dquot_cachep, dquot);
533                 count--;
534                 head = free_dquots.prev;
535         }
536 }
537
538 /*
539  * This is called from kswapd when we think we need some
540  * more memory
541  */
542
543 static int shrink_dqcache_memory(int nr, gfp_t gfp_mask)
544 {
545         if (nr) {
546                 spin_lock(&dq_list_lock);
547                 prune_dqcache(nr);
548                 spin_unlock(&dq_list_lock);
549         }
550         return (dqstats.free_dquots / 100) * sysctl_vfs_cache_pressure;
551 }
552
553 static struct shrinker dqcache_shrinker = {
554         .shrink = shrink_dqcache_memory,
555         .seeks = DEFAULT_SEEKS,
556 };
557
558 /*
559  * Put reference to dquot
560  * NOTE: If you change this function please check whether dqput_blocks() works right...
561  * MUST be called with either dqptr_sem or dqonoff_mutex held
562  */
563 static void dqput(struct dquot *dquot)
564 {
565         int ret;
566
567         if (!dquot)
568                 return;
569 #ifdef __DQUOT_PARANOIA
570         if (!atomic_read(&dquot->dq_count)) {
571                 printk("VFS: dqput: trying to free free dquot\n");
572                 printk("VFS: device %s, dquot of %s %d\n",
573                         dquot->dq_sb->s_id,
574                         quotatypes[dquot->dq_type],
575                         dquot->dq_id);
576                 BUG();
577         }
578 #endif
579         
580         spin_lock(&dq_list_lock);
581         dqstats.drops++;
582         spin_unlock(&dq_list_lock);
583 we_slept:
584         spin_lock(&dq_list_lock);
585         if (atomic_read(&dquot->dq_count) > 1) {
586                 /* We have more than one user... nothing to do */
587                 atomic_dec(&dquot->dq_count);
588                 /* Releasing dquot during quotaoff phase? */
589                 if (!sb_has_quota_enabled(dquot->dq_sb, dquot->dq_type) &&
590                     atomic_read(&dquot->dq_count) == 1)
591                         wake_up(&dquot->dq_wait_unused);
592                 spin_unlock(&dq_list_lock);
593                 return;
594         }
595         /* Need to release dquot? */
596         if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags) && dquot_dirty(dquot)) {
597                 spin_unlock(&dq_list_lock);
598                 /* Commit dquot before releasing */
599                 ret = dquot->dq_sb->dq_op->write_dquot(dquot);
600                 if (ret < 0) {
601                         printk(KERN_ERR "VFS: cannot write quota structure on "
602                                 "device %s (error %d). Quota may get out of "
603                                 "sync!\n", dquot->dq_sb->s_id, ret);
604                         /*
605                          * We clear dirty bit anyway, so that we avoid
606                          * infinite loop here
607                          */
608                         spin_lock(&dq_list_lock);
609                         clear_dquot_dirty(dquot);
610                         spin_unlock(&dq_list_lock);
611                 }
612                 goto we_slept;
613         }
614         /* Clear flag in case dquot was inactive (something bad happened) */
615         clear_dquot_dirty(dquot);
616         if (test_bit(DQ_ACTIVE_B, &dquot->dq_flags)) {
617                 spin_unlock(&dq_list_lock);
618                 dquot->dq_sb->dq_op->release_dquot(dquot);
619                 goto we_slept;
620         }
621         atomic_dec(&dquot->dq_count);
622 #ifdef __DQUOT_PARANOIA
623         /* sanity check */
624         BUG_ON(!list_empty(&dquot->dq_free));
625 #endif
626         put_dquot_last(dquot);
627         spin_unlock(&dq_list_lock);
628 }
629
630 static struct dquot *get_empty_dquot(struct super_block *sb, int type)
631 {
632         struct dquot *dquot;
633
634         dquot = kmem_cache_zalloc(dquot_cachep, GFP_NOFS);
635         if(!dquot)
636                 return NODQUOT;
637
638         mutex_init(&dquot->dq_lock);
639         INIT_LIST_HEAD(&dquot->dq_free);
640         INIT_LIST_HEAD(&dquot->dq_inuse);
641         INIT_HLIST_NODE(&dquot->dq_hash);
642         INIT_LIST_HEAD(&dquot->dq_dirty);
643         init_waitqueue_head(&dquot->dq_wait_unused);
644         dquot->dq_sb = sb;
645         dquot->dq_type = type;
646         atomic_set(&dquot->dq_count, 1);
647
648         return dquot;
649 }
650
651 /*
652  * Get reference to dquot
653  * MUST be called with either dqptr_sem or dqonoff_mutex held
654  */
655 static struct dquot *dqget(struct super_block *sb, unsigned int id, int type)
656 {
657         unsigned int hashent = hashfn(sb, id, type);
658         struct dquot *dquot, *empty = NODQUOT;
659
660         if (!sb_has_quota_enabled(sb, type))
661                 return NODQUOT;
662 we_slept:
663         spin_lock(&dq_list_lock);
664         if ((dquot = find_dquot(hashent, sb, id, type)) == NODQUOT) {
665                 if (empty == NODQUOT) {
666                         spin_unlock(&dq_list_lock);
667                         if ((empty = get_empty_dquot(sb, type)) == NODQUOT)
668                                 schedule();     /* Try to wait for a moment... */
669                         goto we_slept;
670                 }
671                 dquot = empty;
672                 dquot->dq_id = id;
673                 /* all dquots go on the inuse_list */
674                 put_inuse(dquot);
675                 /* hash it first so it can be found */
676                 insert_dquot_hash(dquot);
677                 dqstats.lookups++;
678                 spin_unlock(&dq_list_lock);
679         } else {
680                 if (!atomic_read(&dquot->dq_count))
681                         remove_free_dquot(dquot);
682                 atomic_inc(&dquot->dq_count);
683                 dqstats.cache_hits++;
684                 dqstats.lookups++;
685                 spin_unlock(&dq_list_lock);
686                 if (empty)
687                         kmem_cache_free(dquot_cachep, empty);
688         }
689         /* Wait for dq_lock - after this we know that either dquot_release() is already
690          * finished or it will be canceled due to dq_count > 1 test */
691         wait_on_dquot(dquot);
692         /* Read the dquot and instantiate it (everything done only if needed) */
693         if (!test_bit(DQ_ACTIVE_B, &dquot->dq_flags) && sb->dq_op->acquire_dquot(dquot) < 0) {
694                 dqput(dquot);
695                 return NODQUOT;
696         }
697 #ifdef __DQUOT_PARANOIA
698         BUG_ON(!dquot->dq_sb);  /* Has somebody invalidated entry under us? */
699 #endif
700
701         return dquot;
702 }
703
704 static int dqinit_needed(struct inode *inode, int type)
705 {
706         int cnt;
707
708         if (IS_NOQUOTA(inode))
709                 return 0;
710         if (type != -1)
711                 return inode->i_dquot[type] == NODQUOT;
712         for (cnt = 0; cnt < MAXQUOTAS; cnt++)
713                 if (inode->i_dquot[cnt] == NODQUOT)
714                         return 1;
715         return 0;
716 }
717
718 /* This routine is guarded by dqonoff_mutex mutex */
719 static void add_dquot_ref(struct super_block *sb, int type)
720 {
721         struct inode *inode, *old_inode = NULL;
722
723         spin_lock(&inode_lock);
724         list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
725                 if (!atomic_read(&inode->i_writecount))
726                         continue;
727                 if (!dqinit_needed(inode, type))
728                         continue;
729                 if (inode->i_state & (I_FREEING|I_WILL_FREE))
730                         continue;
731
732                 __iget(inode);
733                 spin_unlock(&inode_lock);
734
735                 iput(old_inode);
736                 sb->dq_op->initialize(inode, type);
737                 /* We hold a reference to 'inode' so it couldn't have been
738                  * removed from s_inodes list while we dropped the inode_lock.
739                  * We cannot iput the inode now as we can be holding the last
740                  * reference and we cannot iput it under inode_lock. So we
741                  * keep the reference and iput it later. */
742                 old_inode = inode;
743                 spin_lock(&inode_lock);
744         }
745         spin_unlock(&inode_lock);
746         iput(old_inode);
747 }
748
749 /* Return 0 if dqput() won't block (note that 1 doesn't necessarily mean blocking) */
750 static inline int dqput_blocks(struct dquot *dquot)
751 {
752         if (atomic_read(&dquot->dq_count) <= 1)
753                 return 1;
754         return 0;
755 }
756
757 /* Remove references to dquots from inode - add dquot to list for freeing if needed */
758 /* We can't race with anybody because we hold dqptr_sem for writing... */
759 static int remove_inode_dquot_ref(struct inode *inode, int type,
760                                   struct list_head *tofree_head)
761 {
762         struct dquot *dquot = inode->i_dquot[type];
763
764         inode->i_dquot[type] = NODQUOT;
765         if (dquot != NODQUOT) {
766                 if (dqput_blocks(dquot)) {
767 #ifdef __DQUOT_PARANOIA
768                         if (atomic_read(&dquot->dq_count) != 1)
769                                 printk(KERN_WARNING "VFS: Adding dquot with dq_count %d to dispose list.\n", atomic_read(&dquot->dq_count));
770 #endif
771                         spin_lock(&dq_list_lock);
772                         list_add(&dquot->dq_free, tofree_head); /* As dquot must have currently users it can't be on the free list... */
773                         spin_unlock(&dq_list_lock);
774                         return 1;
775                 }
776                 else
777                         dqput(dquot);   /* We have guaranteed we won't block */
778         }
779         return 0;
780 }
781
782 /* Free list of dquots - called from inode.c */
783 /* dquots are removed from inodes, no new references can be got so we are the only ones holding reference */
784 static void put_dquot_list(struct list_head *tofree_head)
785 {
786         struct list_head *act_head;
787         struct dquot *dquot;
788
789         act_head = tofree_head->next;
790         /* So now we have dquots on the list... Just free them */
791         while (act_head != tofree_head) {
792                 dquot = list_entry(act_head, struct dquot, dq_free);
793                 act_head = act_head->next;
794                 list_del_init(&dquot->dq_free); /* Remove dquot from the list so we won't have problems... */
795                 dqput(dquot);
796         }
797 }
798
799 static void remove_dquot_ref(struct super_block *sb, int type,
800                 struct list_head *tofree_head)
801 {
802         struct inode *inode;
803
804         spin_lock(&inode_lock);
805         list_for_each_entry(inode, &sb->s_inodes, i_sb_list) {
806                 if (!IS_NOQUOTA(inode))
807                         remove_inode_dquot_ref(inode, type, tofree_head);
808         }
809         spin_unlock(&inode_lock);
810 }
811
812 /* Gather all references from inodes and drop them */
813 static void drop_dquot_ref(struct super_block *sb, int type)
814 {
815         LIST_HEAD(tofree_head);
816
817         if (sb->dq_op) {
818                 down_write(&sb_dqopt(sb)->dqptr_sem);
819                 remove_dquot_ref(sb, type, &tofree_head);
820                 up_write(&sb_dqopt(sb)->dqptr_sem);
821                 put_dquot_list(&tofree_head);
822         }
823 }
824
825 static inline void dquot_incr_inodes(struct dquot *dquot, unsigned long number)
826 {
827         dquot->dq_dqb.dqb_curinodes += number;
828 }
829
830 static inline void dquot_incr_space(struct dquot *dquot, qsize_t number)
831 {
832         dquot->dq_dqb.dqb_curspace += number;
833 }
834
835 static inline void dquot_decr_inodes(struct dquot *dquot, unsigned long number)
836 {
837         if (dquot->dq_dqb.dqb_curinodes > number)
838                 dquot->dq_dqb.dqb_curinodes -= number;
839         else
840                 dquot->dq_dqb.dqb_curinodes = 0;
841         if (dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit)
842                 dquot->dq_dqb.dqb_itime = (time_t) 0;
843         clear_bit(DQ_INODES_B, &dquot->dq_flags);
844 }
845
846 static inline void dquot_decr_space(struct dquot *dquot, qsize_t number)
847 {
848         if (dquot->dq_dqb.dqb_curspace > number)
849                 dquot->dq_dqb.dqb_curspace -= number;
850         else
851                 dquot->dq_dqb.dqb_curspace = 0;
852         if (toqb(dquot->dq_dqb.dqb_curspace) <= dquot->dq_dqb.dqb_bsoftlimit)
853                 dquot->dq_dqb.dqb_btime = (time_t) 0;
854         clear_bit(DQ_BLKS_B, &dquot->dq_flags);
855 }
856
857 static int warning_issued(struct dquot *dquot, const int warntype)
858 {
859         int flag = (warntype == QUOTA_NL_BHARDWARN ||
860                 warntype == QUOTA_NL_BSOFTLONGWARN) ? DQ_BLKS_B :
861                 ((warntype == QUOTA_NL_IHARDWARN ||
862                 warntype == QUOTA_NL_ISOFTLONGWARN) ? DQ_INODES_B : 0);
863
864         if (!flag)
865                 return 0;
866         return test_and_set_bit(flag, &dquot->dq_flags);
867 }
868
869 #ifdef CONFIG_PRINT_QUOTA_WARNING
870 static int flag_print_warnings = 1;
871
872 static inline int need_print_warning(struct dquot *dquot)
873 {
874         if (!flag_print_warnings)
875                 return 0;
876
877         switch (dquot->dq_type) {
878                 case USRQUOTA:
879                         return current->fsuid == dquot->dq_id;
880                 case GRPQUOTA:
881                         return in_group_p(dquot->dq_id);
882         }
883         return 0;
884 }
885
886 /* Print warning to user which exceeded quota */
887 static void print_warning(struct dquot *dquot, const int warntype)
888 {
889         char *msg = NULL;
890         struct tty_struct *tty;
891
892         if (warntype == QUOTA_NL_IHARDBELOW ||
893             warntype == QUOTA_NL_ISOFTBELOW ||
894             warntype == QUOTA_NL_BHARDBELOW ||
895             warntype == QUOTA_NL_BSOFTBELOW || !need_print_warning(dquot))
896                 return;
897
898         mutex_lock(&tty_mutex);
899         tty = get_current_tty();
900         if (!tty)
901                 goto out_lock;
902         tty_write_message(tty, dquot->dq_sb->s_id);
903         if (warntype == QUOTA_NL_ISOFTWARN || warntype == QUOTA_NL_BSOFTWARN)
904                 tty_write_message(tty, ": warning, ");
905         else
906                 tty_write_message(tty, ": write failed, ");
907         tty_write_message(tty, quotatypes[dquot->dq_type]);
908         switch (warntype) {
909                 case QUOTA_NL_IHARDWARN:
910                         msg = " file limit reached.\r\n";
911                         break;
912                 case QUOTA_NL_ISOFTLONGWARN:
913                         msg = " file quota exceeded too long.\r\n";
914                         break;
915                 case QUOTA_NL_ISOFTWARN:
916                         msg = " file quota exceeded.\r\n";
917                         break;
918                 case QUOTA_NL_BHARDWARN:
919                         msg = " block limit reached.\r\n";
920                         break;
921                 case QUOTA_NL_BSOFTLONGWARN:
922                         msg = " block quota exceeded too long.\r\n";
923                         break;
924                 case QUOTA_NL_BSOFTWARN:
925                         msg = " block quota exceeded.\r\n";
926                         break;
927         }
928         tty_write_message(tty, msg);
929 out_lock:
930         mutex_unlock(&tty_mutex);
931 }
932 #endif
933
934 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
935
936 /* Netlink family structure for quota */
937 static struct genl_family quota_genl_family = {
938         .id = GENL_ID_GENERATE,
939         .hdrsize = 0,
940         .name = "VFS_DQUOT",
941         .version = 1,
942         .maxattr = QUOTA_NL_A_MAX,
943 };
944
945 /* Send warning to userspace about user which exceeded quota */
946 static void send_warning(const struct dquot *dquot, const char warntype)
947 {
948         static atomic_t seq;
949         struct sk_buff *skb;
950         void *msg_head;
951         int ret;
952         int msg_size = 4 * nla_total_size(sizeof(u32)) +
953                        2 * nla_total_size(sizeof(u64));
954
955         /* We have to allocate using GFP_NOFS as we are called from a
956          * filesystem performing write and thus further recursion into
957          * the fs to free some data could cause deadlocks. */
958         skb = genlmsg_new(msg_size, GFP_NOFS);
959         if (!skb) {
960                 printk(KERN_ERR
961                   "VFS: Not enough memory to send quota warning.\n");
962                 return;
963         }
964         msg_head = genlmsg_put(skb, 0, atomic_add_return(1, &seq),
965                         &quota_genl_family, 0, QUOTA_NL_C_WARNING);
966         if (!msg_head) {
967                 printk(KERN_ERR
968                   "VFS: Cannot store netlink header in quota warning.\n");
969                 goto err_out;
970         }
971         ret = nla_put_u32(skb, QUOTA_NL_A_QTYPE, dquot->dq_type);
972         if (ret)
973                 goto attr_err_out;
974         ret = nla_put_u64(skb, QUOTA_NL_A_EXCESS_ID, dquot->dq_id);
975         if (ret)
976                 goto attr_err_out;
977         ret = nla_put_u32(skb, QUOTA_NL_A_WARNING, warntype);
978         if (ret)
979                 goto attr_err_out;
980         ret = nla_put_u32(skb, QUOTA_NL_A_DEV_MAJOR,
981                 MAJOR(dquot->dq_sb->s_dev));
982         if (ret)
983                 goto attr_err_out;
984         ret = nla_put_u32(skb, QUOTA_NL_A_DEV_MINOR,
985                 MINOR(dquot->dq_sb->s_dev));
986         if (ret)
987                 goto attr_err_out;
988         ret = nla_put_u64(skb, QUOTA_NL_A_CAUSED_ID, current->user->uid);
989         if (ret)
990                 goto attr_err_out;
991         genlmsg_end(skb, msg_head);
992
993         ret = genlmsg_multicast(skb, 0, quota_genl_family.id, GFP_NOFS);
994         if (ret < 0 && ret != -ESRCH)
995                 printk(KERN_ERR
996                         "VFS: Failed to send notification message: %d\n", ret);
997         return;
998 attr_err_out:
999         printk(KERN_ERR "VFS: Not enough space to compose quota message!\n");
1000 err_out:
1001         kfree_skb(skb);
1002 }
1003 #endif
1004
1005 static inline void flush_warnings(struct dquot * const *dquots, char *warntype)
1006 {
1007         int i;
1008
1009         for (i = 0; i < MAXQUOTAS; i++)
1010                 if (dquots[i] != NODQUOT && warntype[i] != QUOTA_NL_NOWARN &&
1011                     !warning_issued(dquots[i], warntype[i])) {
1012 #ifdef CONFIG_PRINT_QUOTA_WARNING
1013                         print_warning(dquots[i], warntype[i]);
1014 #endif
1015 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
1016                         send_warning(dquots[i], warntype[i]);
1017 #endif
1018                 }
1019 }
1020
1021 static inline char ignore_hardlimit(struct dquot *dquot)
1022 {
1023         struct mem_dqinfo *info = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_type];
1024
1025         return capable(CAP_SYS_RESOURCE) &&
1026             (info->dqi_format->qf_fmt_id != QFMT_VFS_OLD || !(info->dqi_flags & V1_DQF_RSQUASH));
1027 }
1028
1029 /* needs dq_data_lock */
1030 static int check_idq(struct dquot *dquot, ulong inodes, char *warntype)
1031 {
1032         *warntype = QUOTA_NL_NOWARN;
1033         if (inodes <= 0 || test_bit(DQ_FAKE_B, &dquot->dq_flags))
1034                 return QUOTA_OK;
1035
1036         if (dquot->dq_dqb.dqb_ihardlimit &&
1037            (dquot->dq_dqb.dqb_curinodes + inodes) > dquot->dq_dqb.dqb_ihardlimit &&
1038             !ignore_hardlimit(dquot)) {
1039                 *warntype = QUOTA_NL_IHARDWARN;
1040                 return NO_QUOTA;
1041         }
1042
1043         if (dquot->dq_dqb.dqb_isoftlimit &&
1044            (dquot->dq_dqb.dqb_curinodes + inodes) > dquot->dq_dqb.dqb_isoftlimit &&
1045             dquot->dq_dqb.dqb_itime && get_seconds() >= dquot->dq_dqb.dqb_itime &&
1046             !ignore_hardlimit(dquot)) {
1047                 *warntype = QUOTA_NL_ISOFTLONGWARN;
1048                 return NO_QUOTA;
1049         }
1050
1051         if (dquot->dq_dqb.dqb_isoftlimit &&
1052            (dquot->dq_dqb.dqb_curinodes + inodes) > dquot->dq_dqb.dqb_isoftlimit &&
1053             dquot->dq_dqb.dqb_itime == 0) {
1054                 *warntype = QUOTA_NL_ISOFTWARN;
1055                 dquot->dq_dqb.dqb_itime = get_seconds() + sb_dqopt(dquot->dq_sb)->info[dquot->dq_type].dqi_igrace;
1056         }
1057
1058         return QUOTA_OK;
1059 }
1060
1061 /* needs dq_data_lock */
1062 static int check_bdq(struct dquot *dquot, qsize_t space, int prealloc, char *warntype)
1063 {
1064         *warntype = QUOTA_NL_NOWARN;
1065         if (space <= 0 || test_bit(DQ_FAKE_B, &dquot->dq_flags))
1066                 return QUOTA_OK;
1067
1068         if (dquot->dq_dqb.dqb_bhardlimit &&
1069            toqb(dquot->dq_dqb.dqb_curspace + space) > dquot->dq_dqb.dqb_bhardlimit &&
1070             !ignore_hardlimit(dquot)) {
1071                 if (!prealloc)
1072                         *warntype = QUOTA_NL_BHARDWARN;
1073                 return NO_QUOTA;
1074         }
1075
1076         if (dquot->dq_dqb.dqb_bsoftlimit &&
1077            toqb(dquot->dq_dqb.dqb_curspace + space) > dquot->dq_dqb.dqb_bsoftlimit &&
1078             dquot->dq_dqb.dqb_btime && get_seconds() >= dquot->dq_dqb.dqb_btime &&
1079             !ignore_hardlimit(dquot)) {
1080                 if (!prealloc)
1081                         *warntype = QUOTA_NL_BSOFTLONGWARN;
1082                 return NO_QUOTA;
1083         }
1084
1085         if (dquot->dq_dqb.dqb_bsoftlimit &&
1086            toqb(dquot->dq_dqb.dqb_curspace + space) > dquot->dq_dqb.dqb_bsoftlimit &&
1087             dquot->dq_dqb.dqb_btime == 0) {
1088                 if (!prealloc) {
1089                         *warntype = QUOTA_NL_BSOFTWARN;
1090                         dquot->dq_dqb.dqb_btime = get_seconds() + sb_dqopt(dquot->dq_sb)->info[dquot->dq_type].dqi_bgrace;
1091                 }
1092                 else
1093                         /*
1094                          * We don't allow preallocation to exceed softlimit so exceeding will
1095                          * be always printed
1096                          */
1097                         return NO_QUOTA;
1098         }
1099
1100         return QUOTA_OK;
1101 }
1102
1103 static int info_idq_free(struct dquot *dquot, ulong inodes)
1104 {
1105         if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
1106             dquot->dq_dqb.dqb_curinodes <= dquot->dq_dqb.dqb_isoftlimit)
1107                 return QUOTA_NL_NOWARN;
1108
1109         if (dquot->dq_dqb.dqb_curinodes - inodes <= dquot->dq_dqb.dqb_isoftlimit)
1110                 return QUOTA_NL_ISOFTBELOW;
1111         if (dquot->dq_dqb.dqb_curinodes >= dquot->dq_dqb.dqb_ihardlimit &&
1112             dquot->dq_dqb.dqb_curinodes - inodes < dquot->dq_dqb.dqb_ihardlimit)
1113                 return QUOTA_NL_IHARDBELOW;
1114         return QUOTA_NL_NOWARN;
1115 }
1116
1117 static int info_bdq_free(struct dquot *dquot, qsize_t space)
1118 {
1119         if (test_bit(DQ_FAKE_B, &dquot->dq_flags) ||
1120             toqb(dquot->dq_dqb.dqb_curspace) <= dquot->dq_dqb.dqb_bsoftlimit)
1121                 return QUOTA_NL_NOWARN;
1122
1123         if (toqb(dquot->dq_dqb.dqb_curspace - space) <=
1124             dquot->dq_dqb.dqb_bsoftlimit)
1125                 return QUOTA_NL_BSOFTBELOW;
1126         if (toqb(dquot->dq_dqb.dqb_curspace) >= dquot->dq_dqb.dqb_bhardlimit &&
1127             toqb(dquot->dq_dqb.dqb_curspace - space) <
1128                                                 dquot->dq_dqb.dqb_bhardlimit)
1129                 return QUOTA_NL_BHARDBELOW;
1130         return QUOTA_NL_NOWARN;
1131 }
1132 /*
1133  *      Initialize quota pointers in inode
1134  *      Transaction must be started at entry
1135  */
1136 int dquot_initialize(struct inode *inode, int type)
1137 {
1138         unsigned int id = 0;
1139         int cnt, ret = 0;
1140
1141         /* First test before acquiring mutex - solves deadlocks when we
1142          * re-enter the quota code and are already holding the mutex */
1143         if (IS_NOQUOTA(inode))
1144                 return 0;
1145         down_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1146         /* Having dqptr_sem we know NOQUOTA flags can't be altered... */
1147         if (IS_NOQUOTA(inode))
1148                 goto out_err;
1149         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1150                 if (type != -1 && cnt != type)
1151                         continue;
1152                 if (inode->i_dquot[cnt] == NODQUOT) {
1153                         switch (cnt) {
1154                                 case USRQUOTA:
1155                                         id = inode->i_uid;
1156                                         break;
1157                                 case GRPQUOTA:
1158                                         id = inode->i_gid;
1159                                         break;
1160                         }
1161                         inode->i_dquot[cnt] = dqget(inode->i_sb, id, cnt);
1162                 }
1163         }
1164 out_err:
1165         up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1166         return ret;
1167 }
1168
1169 /*
1170  *      Release all quotas referenced by inode
1171  *      Transaction must be started at an entry
1172  */
1173 int dquot_drop(struct inode *inode)
1174 {
1175         int cnt;
1176
1177         down_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1178         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1179                 if (inode->i_dquot[cnt] != NODQUOT) {
1180                         dqput(inode->i_dquot[cnt]);
1181                         inode->i_dquot[cnt] = NODQUOT;
1182                 }
1183         }
1184         up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1185         return 0;
1186 }
1187
1188 /* Wrapper to remove references to quota structures from inode */
1189 void vfs_dq_drop(struct inode *inode)
1190 {
1191         /* Here we can get arbitrary inode from clear_inode() so we have
1192          * to be careful. OTOH we don't need locking as quota operations
1193          * are allowed to change only at mount time */
1194         if (!IS_NOQUOTA(inode) && inode->i_sb && inode->i_sb->dq_op
1195             && inode->i_sb->dq_op->drop) {
1196                 int cnt;
1197                 /* Test before calling to rule out calls from proc and such
1198                  * where we are not allowed to block. Note that this is
1199                  * actually reliable test even without the lock - the caller
1200                  * must assure that nobody can come after the DQUOT_DROP and
1201                  * add quota pointers back anyway */
1202                 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1203                         if (inode->i_dquot[cnt] != NODQUOT)
1204                                 break;
1205                 if (cnt < MAXQUOTAS)
1206                         inode->i_sb->dq_op->drop(inode);
1207         }
1208 }
1209
1210 /*
1211  * Following four functions update i_blocks+i_bytes fields and
1212  * quota information (together with appropriate checks)
1213  * NOTE: We absolutely rely on the fact that caller dirties
1214  * the inode (usually macros in quotaops.h care about this) and
1215  * holds a handle for the current transaction so that dquot write and
1216  * inode write go into the same transaction.
1217  */
1218
1219 /*
1220  * This operation can block, but only after everything is updated
1221  */
1222 int dquot_alloc_space(struct inode *inode, qsize_t number, int warn)
1223 {
1224         int cnt, ret = NO_QUOTA;
1225         char warntype[MAXQUOTAS];
1226
1227         /* First test before acquiring mutex - solves deadlocks when we
1228          * re-enter the quota code and are already holding the mutex */
1229         if (IS_NOQUOTA(inode)) {
1230 out_add:
1231                 inode_add_bytes(inode, number);
1232                 return QUOTA_OK;
1233         }
1234         for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1235                 warntype[cnt] = QUOTA_NL_NOWARN;
1236
1237         down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1238         if (IS_NOQUOTA(inode)) {        /* Now we can do reliable test... */
1239                 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1240                 goto out_add;
1241         }
1242         spin_lock(&dq_data_lock);
1243         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1244                 if (inode->i_dquot[cnt] == NODQUOT)
1245                         continue;
1246                 if (check_bdq(inode->i_dquot[cnt], number, warn, warntype+cnt) == NO_QUOTA)
1247                         goto warn_put_all;
1248         }
1249         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1250                 if (inode->i_dquot[cnt] == NODQUOT)
1251                         continue;
1252                 dquot_incr_space(inode->i_dquot[cnt], number);
1253         }
1254         inode_add_bytes(inode, number);
1255         ret = QUOTA_OK;
1256 warn_put_all:
1257         spin_unlock(&dq_data_lock);
1258         if (ret == QUOTA_OK)
1259                 /* Dirtify all the dquots - this can block when journalling */
1260                 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1261                         if (inode->i_dquot[cnt])
1262                                 mark_dquot_dirty(inode->i_dquot[cnt]);
1263         flush_warnings(inode->i_dquot, warntype);
1264         up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1265         return ret;
1266 }
1267
1268 /*
1269  * This operation can block, but only after everything is updated
1270  */
1271 int dquot_alloc_inode(const struct inode *inode, unsigned long number)
1272 {
1273         int cnt, ret = NO_QUOTA;
1274         char warntype[MAXQUOTAS];
1275
1276         /* First test before acquiring mutex - solves deadlocks when we
1277          * re-enter the quota code and are already holding the mutex */
1278         if (IS_NOQUOTA(inode))
1279                 return QUOTA_OK;
1280         for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1281                 warntype[cnt] = QUOTA_NL_NOWARN;
1282         down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1283         if (IS_NOQUOTA(inode)) {
1284                 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1285                 return QUOTA_OK;
1286         }
1287         spin_lock(&dq_data_lock);
1288         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1289                 if (inode->i_dquot[cnt] == NODQUOT)
1290                         continue;
1291                 if (check_idq(inode->i_dquot[cnt], number, warntype+cnt) == NO_QUOTA)
1292                         goto warn_put_all;
1293         }
1294
1295         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1296                 if (inode->i_dquot[cnt] == NODQUOT)
1297                         continue;
1298                 dquot_incr_inodes(inode->i_dquot[cnt], number);
1299         }
1300         ret = QUOTA_OK;
1301 warn_put_all:
1302         spin_unlock(&dq_data_lock);
1303         if (ret == QUOTA_OK)
1304                 /* Dirtify all the dquots - this can block when journalling */
1305                 for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1306                         if (inode->i_dquot[cnt])
1307                                 mark_dquot_dirty(inode->i_dquot[cnt]);
1308         flush_warnings(inode->i_dquot, warntype);
1309         up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1310         return ret;
1311 }
1312
1313 /*
1314  * This operation can block, but only after everything is updated
1315  */
1316 int dquot_free_space(struct inode *inode, qsize_t number)
1317 {
1318         unsigned int cnt;
1319         char warntype[MAXQUOTAS];
1320
1321         /* First test before acquiring mutex - solves deadlocks when we
1322          * re-enter the quota code and are already holding the mutex */
1323         if (IS_NOQUOTA(inode)) {
1324 out_sub:
1325                 inode_sub_bytes(inode, number);
1326                 return QUOTA_OK;
1327         }
1328
1329         down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1330         /* Now recheck reliably when holding dqptr_sem */
1331         if (IS_NOQUOTA(inode)) {
1332                 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1333                 goto out_sub;
1334         }
1335         spin_lock(&dq_data_lock);
1336         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1337                 if (inode->i_dquot[cnt] == NODQUOT)
1338                         continue;
1339                 warntype[cnt] = info_bdq_free(inode->i_dquot[cnt], number);
1340                 dquot_decr_space(inode->i_dquot[cnt], number);
1341         }
1342         inode_sub_bytes(inode, number);
1343         spin_unlock(&dq_data_lock);
1344         /* Dirtify all the dquots - this can block when journalling */
1345         for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1346                 if (inode->i_dquot[cnt])
1347                         mark_dquot_dirty(inode->i_dquot[cnt]);
1348         flush_warnings(inode->i_dquot, warntype);
1349         up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1350         return QUOTA_OK;
1351 }
1352
1353 /*
1354  * This operation can block, but only after everything is updated
1355  */
1356 int dquot_free_inode(const struct inode *inode, unsigned long number)
1357 {
1358         unsigned int cnt;
1359         char warntype[MAXQUOTAS];
1360
1361         /* First test before acquiring mutex - solves deadlocks when we
1362          * re-enter the quota code and are already holding the mutex */
1363         if (IS_NOQUOTA(inode))
1364                 return QUOTA_OK;
1365
1366         down_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1367         /* Now recheck reliably when holding dqptr_sem */
1368         if (IS_NOQUOTA(inode)) {
1369                 up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1370                 return QUOTA_OK;
1371         }
1372         spin_lock(&dq_data_lock);
1373         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1374                 if (inode->i_dquot[cnt] == NODQUOT)
1375                         continue;
1376                 warntype[cnt] = info_idq_free(inode->i_dquot[cnt], number);
1377                 dquot_decr_inodes(inode->i_dquot[cnt], number);
1378         }
1379         spin_unlock(&dq_data_lock);
1380         /* Dirtify all the dquots - this can block when journalling */
1381         for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1382                 if (inode->i_dquot[cnt])
1383                         mark_dquot_dirty(inode->i_dquot[cnt]);
1384         flush_warnings(inode->i_dquot, warntype);
1385         up_read(&sb_dqopt(inode->i_sb)->dqptr_sem);
1386         return QUOTA_OK;
1387 }
1388
1389 /*
1390  * Transfer the number of inode and blocks from one diskquota to an other.
1391  *
1392  * This operation can block, but only after everything is updated
1393  * A transaction must be started when entering this function.
1394  */
1395 int dquot_transfer(struct inode *inode, struct iattr *iattr)
1396 {
1397         qsize_t space;
1398         struct dquot *transfer_from[MAXQUOTAS];
1399         struct dquot *transfer_to[MAXQUOTAS];
1400         int cnt, ret = NO_QUOTA, chuid = (iattr->ia_valid & ATTR_UID) && inode->i_uid != iattr->ia_uid,
1401             chgid = (iattr->ia_valid & ATTR_GID) && inode->i_gid != iattr->ia_gid;
1402         char warntype_to[MAXQUOTAS];
1403         char warntype_from_inodes[MAXQUOTAS], warntype_from_space[MAXQUOTAS];
1404
1405         /* First test before acquiring mutex - solves deadlocks when we
1406          * re-enter the quota code and are already holding the mutex */
1407         if (IS_NOQUOTA(inode))
1408                 return QUOTA_OK;
1409         /* Clear the arrays */
1410         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1411                 transfer_to[cnt] = transfer_from[cnt] = NODQUOT;
1412                 warntype_to[cnt] = QUOTA_NL_NOWARN;
1413         }
1414         down_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1415         /* Now recheck reliably when holding dqptr_sem */
1416         if (IS_NOQUOTA(inode)) {        /* File without quota accounting? */
1417                 up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1418                 return QUOTA_OK;
1419         }
1420         /* First build the transfer_to list - here we can block on
1421          * reading/instantiating of dquots.  We know that the transaction for
1422          * us was already started so we don't violate lock ranking here */
1423         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1424                 switch (cnt) {
1425                         case USRQUOTA:
1426                                 if (!chuid)
1427                                         continue;
1428                                 transfer_to[cnt] = dqget(inode->i_sb, iattr->ia_uid, cnt);
1429                                 break;
1430                         case GRPQUOTA:
1431                                 if (!chgid)
1432                                         continue;
1433                                 transfer_to[cnt] = dqget(inode->i_sb, iattr->ia_gid, cnt);
1434                                 break;
1435                 }
1436         }
1437         spin_lock(&dq_data_lock);
1438         space = inode_get_bytes(inode);
1439         /* Build the transfer_from list and check the limits */
1440         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1441                 if (transfer_to[cnt] == NODQUOT)
1442                         continue;
1443                 transfer_from[cnt] = inode->i_dquot[cnt];
1444                 if (check_idq(transfer_to[cnt], 1, warntype_to + cnt) ==
1445                     NO_QUOTA || check_bdq(transfer_to[cnt], space, 0,
1446                     warntype_to + cnt) == NO_QUOTA)
1447                         goto warn_put_all;
1448         }
1449
1450         /*
1451          * Finally perform the needed transfer from transfer_from to transfer_to
1452          */
1453         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1454                 /*
1455                  * Skip changes for same uid or gid or for turned off quota-type.
1456                  */
1457                 if (transfer_to[cnt] == NODQUOT)
1458                         continue;
1459
1460                 /* Due to IO error we might not have transfer_from[] structure */
1461                 if (transfer_from[cnt]) {
1462                         warntype_from_inodes[cnt] =
1463                                 info_idq_free(transfer_from[cnt], 1);
1464                         warntype_from_space[cnt] =
1465                                 info_bdq_free(transfer_from[cnt], space);
1466                         dquot_decr_inodes(transfer_from[cnt], 1);
1467                         dquot_decr_space(transfer_from[cnt], space);
1468                 }
1469
1470                 dquot_incr_inodes(transfer_to[cnt], 1);
1471                 dquot_incr_space(transfer_to[cnt], space);
1472
1473                 inode->i_dquot[cnt] = transfer_to[cnt];
1474         }
1475         ret = QUOTA_OK;
1476 warn_put_all:
1477         spin_unlock(&dq_data_lock);
1478         /* Dirtify all the dquots - this can block when journalling */
1479         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1480                 if (transfer_from[cnt])
1481                         mark_dquot_dirty(transfer_from[cnt]);
1482                 if (transfer_to[cnt])
1483                         mark_dquot_dirty(transfer_to[cnt]);
1484         }
1485         flush_warnings(transfer_to, warntype_to);
1486         flush_warnings(transfer_from, warntype_from_inodes);
1487         flush_warnings(transfer_from, warntype_from_space);
1488         
1489         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1490                 if (ret == QUOTA_OK && transfer_from[cnt] != NODQUOT)
1491                         dqput(transfer_from[cnt]);
1492                 if (ret == NO_QUOTA && transfer_to[cnt] != NODQUOT)
1493                         dqput(transfer_to[cnt]);
1494         }
1495         up_write(&sb_dqopt(inode->i_sb)->dqptr_sem);
1496         return ret;
1497 }
1498
1499 /* Wrapper for transferring ownership of an inode */
1500 int vfs_dq_transfer(struct inode *inode, struct iattr *iattr)
1501 {
1502         if (sb_any_quota_enabled(inode->i_sb) && !IS_NOQUOTA(inode)) {
1503                 vfs_dq_init(inode);
1504                 if (inode->i_sb->dq_op->transfer(inode, iattr) == NO_QUOTA)
1505                         return 1;
1506         }
1507         return 0;
1508 }
1509
1510
1511 /*
1512  * Write info of quota file to disk
1513  */
1514 int dquot_commit_info(struct super_block *sb, int type)
1515 {
1516         int ret;
1517         struct quota_info *dqopt = sb_dqopt(sb);
1518
1519         mutex_lock(&dqopt->dqio_mutex);
1520         ret = dqopt->ops[type]->write_file_info(sb, type);
1521         mutex_unlock(&dqopt->dqio_mutex);
1522         return ret;
1523 }
1524
1525 /*
1526  * Definitions of diskquota operations.
1527  */
1528 struct dquot_operations dquot_operations = {
1529         .initialize     = dquot_initialize,
1530         .drop           = dquot_drop,
1531         .alloc_space    = dquot_alloc_space,
1532         .alloc_inode    = dquot_alloc_inode,
1533         .free_space     = dquot_free_space,
1534         .free_inode     = dquot_free_inode,
1535         .transfer       = dquot_transfer,
1536         .write_dquot    = dquot_commit,
1537         .acquire_dquot  = dquot_acquire,
1538         .release_dquot  = dquot_release,
1539         .mark_dirty     = dquot_mark_dquot_dirty,
1540         .write_info     = dquot_commit_info
1541 };
1542
1543 static inline void set_enable_flags(struct quota_info *dqopt, int type)
1544 {
1545         switch (type) {
1546                 case USRQUOTA:
1547                         dqopt->flags |= DQUOT_USR_ENABLED;
1548                         dqopt->flags &= ~DQUOT_USR_SUSPENDED;
1549                         break;
1550                 case GRPQUOTA:
1551                         dqopt->flags |= DQUOT_GRP_ENABLED;
1552                         dqopt->flags &= ~DQUOT_GRP_SUSPENDED;
1553                         break;
1554         }
1555 }
1556
1557 static inline void reset_enable_flags(struct quota_info *dqopt, int type,
1558                                       int remount)
1559 {
1560         switch (type) {
1561                 case USRQUOTA:
1562                         dqopt->flags &= ~DQUOT_USR_ENABLED;
1563                         if (remount)
1564                                 dqopt->flags |= DQUOT_USR_SUSPENDED;
1565                         else
1566                                 dqopt->flags &= ~DQUOT_USR_SUSPENDED;
1567                         break;
1568                 case GRPQUOTA:
1569                         dqopt->flags &= ~DQUOT_GRP_ENABLED;
1570                         if (remount)
1571                                 dqopt->flags |= DQUOT_GRP_SUSPENDED;
1572                         else
1573                                 dqopt->flags &= ~DQUOT_GRP_SUSPENDED;
1574                         break;
1575         }
1576 }
1577
1578
1579 /*
1580  * Turn quota off on a device. type == -1 ==> quotaoff for all types (umount)
1581  */
1582 int vfs_quota_off(struct super_block *sb, int type, int remount)
1583 {
1584         int cnt, ret = 0;
1585         struct quota_info *dqopt = sb_dqopt(sb);
1586         struct inode *toputinode[MAXQUOTAS];
1587
1588         /* We need to serialize quota_off() for device */
1589         mutex_lock(&dqopt->dqonoff_mutex);
1590
1591         /*
1592          * Skip everything if there's nothing to do. We have to do this because
1593          * sometimes we are called when fill_super() failed and calling
1594          * sync_fs() in such cases does no good.
1595          */
1596         if (!sb_any_quota_enabled(sb) && !sb_any_quota_suspended(sb)) {
1597                 mutex_unlock(&dqopt->dqonoff_mutex);
1598                 return 0;
1599         }
1600         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1601                 toputinode[cnt] = NULL;
1602                 if (type != -1 && cnt != type)
1603                         continue;
1604                 /* If we keep inodes of quota files after remount and quotaoff
1605                  * is called, drop kept inodes. */
1606                 if (!remount && sb_has_quota_suspended(sb, cnt)) {
1607                         iput(dqopt->files[cnt]);
1608                         dqopt->files[cnt] = NULL;
1609                         reset_enable_flags(dqopt, cnt, 0);
1610                         continue;
1611                 }
1612                 if (!sb_has_quota_enabled(sb, cnt))
1613                         continue;
1614                 reset_enable_flags(dqopt, cnt, remount);
1615
1616                 /* Note: these are blocking operations */
1617                 drop_dquot_ref(sb, cnt);
1618                 invalidate_dquots(sb, cnt);
1619                 /*
1620                  * Now all dquots should be invalidated, all writes done so we should be only
1621                  * users of the info. No locks needed.
1622                  */
1623                 if (info_dirty(&dqopt->info[cnt]))
1624                         sb->dq_op->write_info(sb, cnt);
1625                 if (dqopt->ops[cnt]->free_file_info)
1626                         dqopt->ops[cnt]->free_file_info(sb, cnt);
1627                 put_quota_format(dqopt->info[cnt].dqi_format);
1628
1629                 toputinode[cnt] = dqopt->files[cnt];
1630                 if (!remount)
1631                         dqopt->files[cnt] = NULL;
1632                 dqopt->info[cnt].dqi_flags = 0;
1633                 dqopt->info[cnt].dqi_igrace = 0;
1634                 dqopt->info[cnt].dqi_bgrace = 0;
1635                 dqopt->ops[cnt] = NULL;
1636         }
1637         mutex_unlock(&dqopt->dqonoff_mutex);
1638         /* Sync the superblock so that buffers with quota data are written to
1639          * disk (and so userspace sees correct data afterwards). */
1640         if (sb->s_op->sync_fs)
1641                 sb->s_op->sync_fs(sb, 1);
1642         sync_blockdev(sb->s_bdev);
1643         /* Now the quota files are just ordinary files and we can set the
1644          * inode flags back. Moreover we discard the pagecache so that
1645          * userspace sees the writes we did bypassing the pagecache. We
1646          * must also discard the blockdev buffers so that we see the
1647          * changes done by userspace on the next quotaon() */
1648         for (cnt = 0; cnt < MAXQUOTAS; cnt++)
1649                 if (toputinode[cnt]) {
1650                         mutex_lock(&dqopt->dqonoff_mutex);
1651                         /* If quota was reenabled in the meantime, we have
1652                          * nothing to do */
1653                         if (!sb_has_quota_enabled(sb, cnt)) {
1654                                 mutex_lock_nested(&toputinode[cnt]->i_mutex, I_MUTEX_QUOTA);
1655                                 toputinode[cnt]->i_flags &= ~(S_IMMUTABLE |
1656                                   S_NOATIME | S_NOQUOTA);
1657                                 truncate_inode_pages(&toputinode[cnt]->i_data, 0);
1658                                 mutex_unlock(&toputinode[cnt]->i_mutex);
1659                                 mark_inode_dirty(toputinode[cnt]);
1660                         }
1661                         mutex_unlock(&dqopt->dqonoff_mutex);
1662                         /* On remount RO, we keep the inode pointer so that we
1663                          * can reenable quota on the subsequent remount RW.
1664                          * But we have better not keep inode pointer when there
1665                          * is pending delete on the quota file... */
1666                         if (!remount)
1667                                 iput(toputinode[cnt]);
1668                         else if (!toputinode[cnt]->i_nlink)
1669                                 ret = -EBUSY;
1670                 }
1671         if (sb->s_bdev)
1672                 invalidate_bdev(sb->s_bdev);
1673         return ret;
1674 }
1675
1676 /*
1677  *      Turn quotas on on a device
1678  */
1679
1680 /* Helper function when we already have the inode */
1681 static int vfs_quota_on_inode(struct inode *inode, int type, int format_id)
1682 {
1683         struct quota_format_type *fmt = find_quota_format(format_id);
1684         struct super_block *sb = inode->i_sb;
1685         struct quota_info *dqopt = sb_dqopt(sb);
1686         int error;
1687         int oldflags = -1;
1688
1689         if (!fmt)
1690                 return -ESRCH;
1691         if (!S_ISREG(inode->i_mode)) {
1692                 error = -EACCES;
1693                 goto out_fmt;
1694         }
1695         if (IS_RDONLY(inode)) {
1696                 error = -EROFS;
1697                 goto out_fmt;
1698         }
1699         if (!sb->s_op->quota_write || !sb->s_op->quota_read) {
1700                 error = -EINVAL;
1701                 goto out_fmt;
1702         }
1703
1704         /* As we bypass the pagecache we must now flush the inode so that
1705          * we see all the changes from userspace... */
1706         write_inode_now(inode, 1);
1707         /* And now flush the block cache so that kernel sees the changes */
1708         invalidate_bdev(sb->s_bdev);
1709         mutex_lock(&inode->i_mutex);
1710         mutex_lock(&dqopt->dqonoff_mutex);
1711         if (sb_has_quota_enabled(sb, type) ||
1712                         sb_has_quota_suspended(sb, type)) {
1713                 error = -EBUSY;
1714                 goto out_lock;
1715         }
1716         /* We don't want quota and atime on quota files (deadlocks possible)
1717          * Also nobody should write to the file - we use special IO operations
1718          * which ignore the immutable bit. */
1719         down_write(&dqopt->dqptr_sem);
1720         oldflags = inode->i_flags & (S_NOATIME | S_IMMUTABLE | S_NOQUOTA);
1721         inode->i_flags |= S_NOQUOTA | S_NOATIME | S_IMMUTABLE;
1722         up_write(&dqopt->dqptr_sem);
1723         sb->dq_op->drop(inode);
1724
1725         error = -EIO;
1726         dqopt->files[type] = igrab(inode);
1727         if (!dqopt->files[type])
1728                 goto out_lock;
1729         error = -EINVAL;
1730         if (!fmt->qf_ops->check_quota_file(sb, type))
1731                 goto out_file_init;
1732
1733         dqopt->ops[type] = fmt->qf_ops;
1734         dqopt->info[type].dqi_format = fmt;
1735         dqopt->info[type].dqi_fmt_id = format_id;
1736         INIT_LIST_HEAD(&dqopt->info[type].dqi_dirty_list);
1737         mutex_lock(&dqopt->dqio_mutex);
1738         if ((error = dqopt->ops[type]->read_file_info(sb, type)) < 0) {
1739                 mutex_unlock(&dqopt->dqio_mutex);
1740                 goto out_file_init;
1741         }
1742         mutex_unlock(&dqopt->dqio_mutex);
1743         mutex_unlock(&inode->i_mutex);
1744         set_enable_flags(dqopt, type);
1745
1746         add_dquot_ref(sb, type);
1747         mutex_unlock(&dqopt->dqonoff_mutex);
1748
1749         return 0;
1750
1751 out_file_init:
1752         dqopt->files[type] = NULL;
1753         iput(inode);
1754 out_lock:
1755         mutex_unlock(&dqopt->dqonoff_mutex);
1756         if (oldflags != -1) {
1757                 down_write(&dqopt->dqptr_sem);
1758                 /* Set the flags back (in the case of accidental quotaon()
1759                  * on a wrong file we don't want to mess up the flags) */
1760                 inode->i_flags &= ~(S_NOATIME | S_NOQUOTA | S_IMMUTABLE);
1761                 inode->i_flags |= oldflags;
1762                 up_write(&dqopt->dqptr_sem);
1763         }
1764         mutex_unlock(&inode->i_mutex);
1765 out_fmt:
1766         put_quota_format(fmt);
1767
1768         return error; 
1769 }
1770
1771 /* Reenable quotas on remount RW */
1772 static int vfs_quota_on_remount(struct super_block *sb, int type)
1773 {
1774         struct quota_info *dqopt = sb_dqopt(sb);
1775         struct inode *inode;
1776         int ret;
1777
1778         mutex_lock(&dqopt->dqonoff_mutex);
1779         if (!sb_has_quota_suspended(sb, type)) {
1780                 mutex_unlock(&dqopt->dqonoff_mutex);
1781                 return 0;
1782         }
1783         BUG_ON(sb_has_quota_enabled(sb, type));
1784
1785         inode = dqopt->files[type];
1786         dqopt->files[type] = NULL;
1787         reset_enable_flags(dqopt, type, 0);
1788         mutex_unlock(&dqopt->dqonoff_mutex);
1789
1790         ret = vfs_quota_on_inode(inode, type, dqopt->info[type].dqi_fmt_id);
1791         iput(inode);
1792
1793         return ret;
1794 }
1795
1796 int vfs_quota_on_path(struct super_block *sb, int type, int format_id,
1797                       struct path *path)
1798 {
1799         int error = security_quota_on(path->dentry);
1800         if (error)
1801                 return error;
1802         /* Quota file not on the same filesystem? */
1803         if (path->mnt->mnt_sb != sb)
1804                 error = -EXDEV;
1805         else
1806                 error = vfs_quota_on_inode(path->dentry->d_inode, type,
1807                                            format_id);
1808         return error;
1809 }
1810
1811 /* Actual function called from quotactl() */
1812 int vfs_quota_on(struct super_block *sb, int type, int format_id, char *path,
1813                  int remount)
1814 {
1815         struct nameidata nd;
1816         int error;
1817
1818         if (remount)
1819                 return vfs_quota_on_remount(sb, type);
1820
1821         error = path_lookup(path, LOOKUP_FOLLOW, &nd);
1822         if (!error) {
1823                 error = vfs_quota_on_path(sb, type, format_id, &nd.path);
1824                 path_put(&nd.path);
1825         }
1826         return error;
1827 }
1828
1829 /*
1830  * This function is used when filesystem needs to initialize quotas
1831  * during mount time.
1832  */
1833 int vfs_quota_on_mount(struct super_block *sb, char *qf_name,
1834                 int format_id, int type)
1835 {
1836         struct dentry *dentry;
1837         int error;
1838
1839         dentry = lookup_one_len(qf_name, sb->s_root, strlen(qf_name));
1840         if (IS_ERR(dentry))
1841                 return PTR_ERR(dentry);
1842
1843         if (!dentry->d_inode) {
1844                 error = -ENOENT;
1845                 goto out;
1846         }
1847
1848         error = security_quota_on(dentry);
1849         if (!error)
1850                 error = vfs_quota_on_inode(dentry->d_inode, type, format_id);
1851
1852 out:
1853         dput(dentry);
1854         return error;
1855 }
1856
1857 /* Wrapper to turn on quotas when remounting rw */
1858 int vfs_dq_quota_on_remount(struct super_block *sb)
1859 {
1860         int cnt;
1861         int ret = 0, err;
1862
1863         if (!sb->s_qcop || !sb->s_qcop->quota_on)
1864                 return -ENOSYS;
1865         for (cnt = 0; cnt < MAXQUOTAS; cnt++) {
1866                 err = sb->s_qcop->quota_on(sb, cnt, 0, NULL, 1);
1867                 if (err < 0 && !ret)
1868                         ret = err;
1869         }
1870         return ret;
1871 }
1872
1873 /* Generic routine for getting common part of quota structure */
1874 static void do_get_dqblk(struct dquot *dquot, struct if_dqblk *di)
1875 {
1876         struct mem_dqblk *dm = &dquot->dq_dqb;
1877
1878         spin_lock(&dq_data_lock);
1879         di->dqb_bhardlimit = dm->dqb_bhardlimit;
1880         di->dqb_bsoftlimit = dm->dqb_bsoftlimit;
1881         di->dqb_curspace = dm->dqb_curspace;
1882         di->dqb_ihardlimit = dm->dqb_ihardlimit;
1883         di->dqb_isoftlimit = dm->dqb_isoftlimit;
1884         di->dqb_curinodes = dm->dqb_curinodes;
1885         di->dqb_btime = dm->dqb_btime;
1886         di->dqb_itime = dm->dqb_itime;
1887         di->dqb_valid = QIF_ALL;
1888         spin_unlock(&dq_data_lock);
1889 }
1890
1891 int vfs_get_dqblk(struct super_block *sb, int type, qid_t id, struct if_dqblk *di)
1892 {
1893         struct dquot *dquot;
1894
1895         mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
1896         if (!(dquot = dqget(sb, id, type))) {
1897                 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1898                 return -ESRCH;
1899         }
1900         do_get_dqblk(dquot, di);
1901         dqput(dquot);
1902         mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1903         return 0;
1904 }
1905
1906 /* Generic routine for setting common part of quota structure */
1907 static int do_set_dqblk(struct dquot *dquot, struct if_dqblk *di)
1908 {
1909         struct mem_dqblk *dm = &dquot->dq_dqb;
1910         int check_blim = 0, check_ilim = 0;
1911         struct mem_dqinfo *dqi = &sb_dqopt(dquot->dq_sb)->info[dquot->dq_type];
1912
1913         if ((di->dqb_valid & QIF_BLIMITS &&
1914              (di->dqb_bhardlimit > dqi->dqi_maxblimit ||
1915               di->dqb_bsoftlimit > dqi->dqi_maxblimit)) ||
1916             (di->dqb_valid & QIF_ILIMITS &&
1917              (di->dqb_ihardlimit > dqi->dqi_maxilimit ||
1918               di->dqb_isoftlimit > dqi->dqi_maxilimit)))
1919                 return -ERANGE;
1920
1921         spin_lock(&dq_data_lock);
1922         if (di->dqb_valid & QIF_SPACE) {
1923                 dm->dqb_curspace = di->dqb_curspace;
1924                 check_blim = 1;
1925         }
1926         if (di->dqb_valid & QIF_BLIMITS) {
1927                 dm->dqb_bsoftlimit = di->dqb_bsoftlimit;
1928                 dm->dqb_bhardlimit = di->dqb_bhardlimit;
1929                 check_blim = 1;
1930         }
1931         if (di->dqb_valid & QIF_INODES) {
1932                 dm->dqb_curinodes = di->dqb_curinodes;
1933                 check_ilim = 1;
1934         }
1935         if (di->dqb_valid & QIF_ILIMITS) {
1936                 dm->dqb_isoftlimit = di->dqb_isoftlimit;
1937                 dm->dqb_ihardlimit = di->dqb_ihardlimit;
1938                 check_ilim = 1;
1939         }
1940         if (di->dqb_valid & QIF_BTIME)
1941                 dm->dqb_btime = di->dqb_btime;
1942         if (di->dqb_valid & QIF_ITIME)
1943                 dm->dqb_itime = di->dqb_itime;
1944
1945         if (check_blim) {
1946                 if (!dm->dqb_bsoftlimit || toqb(dm->dqb_curspace) < dm->dqb_bsoftlimit) {
1947                         dm->dqb_btime = 0;
1948                         clear_bit(DQ_BLKS_B, &dquot->dq_flags);
1949                 }
1950                 else if (!(di->dqb_valid & QIF_BTIME))  /* Set grace only if user hasn't provided his own... */
1951                         dm->dqb_btime = get_seconds() + dqi->dqi_bgrace;
1952         }
1953         if (check_ilim) {
1954                 if (!dm->dqb_isoftlimit || dm->dqb_curinodes < dm->dqb_isoftlimit) {
1955                         dm->dqb_itime = 0;
1956                         clear_bit(DQ_INODES_B, &dquot->dq_flags);
1957                 }
1958                 else if (!(di->dqb_valid & QIF_ITIME))  /* Set grace only if user hasn't provided his own... */
1959                         dm->dqb_itime = get_seconds() + dqi->dqi_igrace;
1960         }
1961         if (dm->dqb_bhardlimit || dm->dqb_bsoftlimit || dm->dqb_ihardlimit || dm->dqb_isoftlimit)
1962                 clear_bit(DQ_FAKE_B, &dquot->dq_flags);
1963         else
1964                 set_bit(DQ_FAKE_B, &dquot->dq_flags);
1965         spin_unlock(&dq_data_lock);
1966         mark_dquot_dirty(dquot);
1967
1968         return 0;
1969 }
1970
1971 int vfs_set_dqblk(struct super_block *sb, int type, qid_t id, struct if_dqblk *di)
1972 {
1973         struct dquot *dquot;
1974         int rc;
1975
1976         mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
1977         if (!(dquot = dqget(sb, id, type))) {
1978                 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1979                 return -ESRCH;
1980         }
1981         rc = do_set_dqblk(dquot, di);
1982         dqput(dquot);
1983         mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1984         return rc;
1985 }
1986
1987 /* Generic routine for getting common part of quota file information */
1988 int vfs_get_dqinfo(struct super_block *sb, int type, struct if_dqinfo *ii)
1989 {
1990         struct mem_dqinfo *mi;
1991   
1992         mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
1993         if (!sb_has_quota_enabled(sb, type)) {
1994                 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
1995                 return -ESRCH;
1996         }
1997         mi = sb_dqopt(sb)->info + type;
1998         spin_lock(&dq_data_lock);
1999         ii->dqi_bgrace = mi->dqi_bgrace;
2000         ii->dqi_igrace = mi->dqi_igrace;
2001         ii->dqi_flags = mi->dqi_flags & DQF_MASK;
2002         ii->dqi_valid = IIF_ALL;
2003         spin_unlock(&dq_data_lock);
2004         mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
2005         return 0;
2006 }
2007
2008 /* Generic routine for setting common part of quota file information */
2009 int vfs_set_dqinfo(struct super_block *sb, int type, struct if_dqinfo *ii)
2010 {
2011         struct mem_dqinfo *mi;
2012
2013         mutex_lock(&sb_dqopt(sb)->dqonoff_mutex);
2014         if (!sb_has_quota_enabled(sb, type)) {
2015                 mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
2016                 return -ESRCH;
2017         }
2018         mi = sb_dqopt(sb)->info + type;
2019         spin_lock(&dq_data_lock);
2020         if (ii->dqi_valid & IIF_BGRACE)
2021                 mi->dqi_bgrace = ii->dqi_bgrace;
2022         if (ii->dqi_valid & IIF_IGRACE)
2023                 mi->dqi_igrace = ii->dqi_igrace;
2024         if (ii->dqi_valid & IIF_FLAGS)
2025                 mi->dqi_flags = (mi->dqi_flags & ~DQF_MASK) | (ii->dqi_flags & DQF_MASK);
2026         spin_unlock(&dq_data_lock);
2027         mark_info_dirty(sb, type);
2028         /* Force write to disk */
2029         sb->dq_op->write_info(sb, type);
2030         mutex_unlock(&sb_dqopt(sb)->dqonoff_mutex);
2031         return 0;
2032 }
2033
2034 struct quotactl_ops vfs_quotactl_ops = {
2035         .quota_on       = vfs_quota_on,
2036         .quota_off      = vfs_quota_off,
2037         .quota_sync     = vfs_quota_sync,
2038         .get_info       = vfs_get_dqinfo,
2039         .set_info       = vfs_set_dqinfo,
2040         .get_dqblk      = vfs_get_dqblk,
2041         .set_dqblk      = vfs_set_dqblk
2042 };
2043
2044 static ctl_table fs_dqstats_table[] = {
2045         {
2046                 .ctl_name       = FS_DQ_LOOKUPS,
2047                 .procname       = "lookups",
2048                 .data           = &dqstats.lookups,
2049                 .maxlen         = sizeof(int),
2050                 .mode           = 0444,
2051                 .proc_handler   = &proc_dointvec,
2052         },
2053         {
2054                 .ctl_name       = FS_DQ_DROPS,
2055                 .procname       = "drops",
2056                 .data           = &dqstats.drops,
2057                 .maxlen         = sizeof(int),
2058                 .mode           = 0444,
2059                 .proc_handler   = &proc_dointvec,
2060         },
2061         {
2062                 .ctl_name       = FS_DQ_READS,
2063                 .procname       = "reads",
2064                 .data           = &dqstats.reads,
2065                 .maxlen         = sizeof(int),
2066                 .mode           = 0444,
2067                 .proc_handler   = &proc_dointvec,
2068         },
2069         {
2070                 .ctl_name       = FS_DQ_WRITES,
2071                 .procname       = "writes",
2072                 .data           = &dqstats.writes,
2073                 .maxlen         = sizeof(int),
2074                 .mode           = 0444,
2075                 .proc_handler   = &proc_dointvec,
2076         },
2077         {
2078                 .ctl_name       = FS_DQ_CACHE_HITS,
2079                 .procname       = "cache_hits",
2080                 .data           = &dqstats.cache_hits,
2081                 .maxlen         = sizeof(int),
2082                 .mode           = 0444,
2083                 .proc_handler   = &proc_dointvec,
2084         },
2085         {
2086                 .ctl_name       = FS_DQ_ALLOCATED,
2087                 .procname       = "allocated_dquots",
2088                 .data           = &dqstats.allocated_dquots,
2089                 .maxlen         = sizeof(int),
2090                 .mode           = 0444,
2091                 .proc_handler   = &proc_dointvec,
2092         },
2093         {
2094                 .ctl_name       = FS_DQ_FREE,
2095                 .procname       = "free_dquots",
2096                 .data           = &dqstats.free_dquots,
2097                 .maxlen         = sizeof(int),
2098                 .mode           = 0444,
2099                 .proc_handler   = &proc_dointvec,
2100         },
2101         {
2102                 .ctl_name       = FS_DQ_SYNCS,
2103                 .procname       = "syncs",
2104                 .data           = &dqstats.syncs,
2105                 .maxlen         = sizeof(int),
2106                 .mode           = 0444,
2107                 .proc_handler   = &proc_dointvec,
2108         },
2109 #ifdef CONFIG_PRINT_QUOTA_WARNING
2110         {
2111                 .ctl_name       = FS_DQ_WARNINGS,
2112                 .procname       = "warnings",
2113                 .data           = &flag_print_warnings,
2114                 .maxlen         = sizeof(int),
2115                 .mode           = 0644,
2116                 .proc_handler   = &proc_dointvec,
2117         },
2118 #endif
2119         { .ctl_name = 0 },
2120 };
2121
2122 static ctl_table fs_table[] = {
2123         {
2124                 .ctl_name       = FS_DQSTATS,
2125                 .procname       = "quota",
2126                 .mode           = 0555,
2127                 .child          = fs_dqstats_table,
2128         },
2129         { .ctl_name = 0 },
2130 };
2131
2132 static ctl_table sys_table[] = {
2133         {
2134                 .ctl_name       = CTL_FS,
2135                 .procname       = "fs",
2136                 .mode           = 0555,
2137                 .child          = fs_table,
2138         },
2139         { .ctl_name = 0 },
2140 };
2141
2142 static int __init dquot_init(void)
2143 {
2144         int i;
2145         unsigned long nr_hash, order;
2146
2147         printk(KERN_NOTICE "VFS: Disk quotas %s\n", __DQUOT_VERSION__);
2148
2149         register_sysctl_table(sys_table);
2150
2151         dquot_cachep = kmem_cache_create("dquot",
2152                         sizeof(struct dquot), sizeof(unsigned long) * 4,
2153                         (SLAB_HWCACHE_ALIGN|SLAB_RECLAIM_ACCOUNT|
2154                                 SLAB_MEM_SPREAD|SLAB_PANIC),
2155                         NULL);
2156
2157         order = 0;
2158         dquot_hash = (struct hlist_head *)__get_free_pages(GFP_ATOMIC, order);
2159         if (!dquot_hash)
2160                 panic("Cannot create dquot hash table");
2161
2162         /* Find power-of-two hlist_heads which can fit into allocation */
2163         nr_hash = (1UL << order) * PAGE_SIZE / sizeof(struct hlist_head);
2164         dq_hash_bits = 0;
2165         do {
2166                 dq_hash_bits++;
2167         } while (nr_hash >> dq_hash_bits);
2168         dq_hash_bits--;
2169
2170         nr_hash = 1UL << dq_hash_bits;
2171         dq_hash_mask = nr_hash - 1;
2172         for (i = 0; i < nr_hash; i++)
2173                 INIT_HLIST_HEAD(dquot_hash + i);
2174
2175         printk("Dquot-cache hash table entries: %ld (order %ld, %ld bytes)\n",
2176                         nr_hash, order, (PAGE_SIZE << order));
2177
2178         register_shrinker(&dqcache_shrinker);
2179
2180 #ifdef CONFIG_QUOTA_NETLINK_INTERFACE
2181         if (genl_register_family(&quota_genl_family) != 0)
2182                 printk(KERN_ERR "VFS: Failed to create quota netlink interface.\n");
2183 #endif
2184
2185         return 0;
2186 }
2187 module_init(dquot_init);
2188
2189 EXPORT_SYMBOL(register_quota_format);
2190 EXPORT_SYMBOL(unregister_quota_format);
2191 EXPORT_SYMBOL(dqstats);
2192 EXPORT_SYMBOL(dq_data_lock);
2193 EXPORT_SYMBOL(vfs_quota_on);
2194 EXPORT_SYMBOL(vfs_quota_on_path);
2195 EXPORT_SYMBOL(vfs_quota_on_mount);
2196 EXPORT_SYMBOL(vfs_quota_off);
2197 EXPORT_SYMBOL(vfs_quota_sync);
2198 EXPORT_SYMBOL(vfs_get_dqinfo);
2199 EXPORT_SYMBOL(vfs_set_dqinfo);
2200 EXPORT_SYMBOL(vfs_get_dqblk);
2201 EXPORT_SYMBOL(vfs_set_dqblk);
2202 EXPORT_SYMBOL(dquot_commit);
2203 EXPORT_SYMBOL(dquot_commit_info);
2204 EXPORT_SYMBOL(dquot_acquire);
2205 EXPORT_SYMBOL(dquot_release);
2206 EXPORT_SYMBOL(dquot_mark_dquot_dirty);
2207 EXPORT_SYMBOL(dquot_initialize);
2208 EXPORT_SYMBOL(dquot_drop);
2209 EXPORT_SYMBOL(vfs_dq_drop);
2210 EXPORT_SYMBOL(dquot_alloc_space);
2211 EXPORT_SYMBOL(dquot_alloc_inode);
2212 EXPORT_SYMBOL(dquot_free_space);
2213 EXPORT_SYMBOL(dquot_free_inode);
2214 EXPORT_SYMBOL(dquot_transfer);
2215 EXPORT_SYMBOL(vfs_dq_transfer);
2216 EXPORT_SYMBOL(vfs_dq_quota_on_remount);