]> git.saurik.com Git - apple/xnu.git/blame_incremental - bsd/hfs/hfs_quota.c
projects / apple / xnu.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
xnu-1699.22.81.tar.gz
[apple/xnu.git] / bsd / hfs / hfs_quota.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 2002-2008 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28/*
29 * Copyright (c) 1982, 1986, 1990, 1993, 1995
30 * The Regents of the University of California. All rights reserved.
31 *
32 * This code is derived from software contributed to Berkeley by
33 * Robert Elz at The University of Melbourne.
34 *
35 * Redistribution and use in source and binary forms, with or without
36 * modification, are permitted provided that the following conditions
37 * are met:
38 * 1. Redistributions of source code must retain the above copyright
39 * notice, this list of conditions and the following disclaimer.
40 * 2. Redistributions in binary form must reproduce the above copyright
41 * notice, this list of conditions and the following disclaimer in the
42 * documentation and/or other materials provided with the distribution.
43 * 3. All advertising materials mentioning features or use of this software
44 * must display the following acknowledgement:
45 * This product includes software developed by the University of
46 * California, Berkeley and its contributors.
47 * 4. Neither the name of the University nor the names of its contributors
48 * may be used to endorse or promote products derived from this software
49 * without specific prior written permission.
50 *
51 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
54 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
55 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
56 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
57 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
61 * SUCH DAMAGE.
62 *
63 * @(#)hfs_quota.c
64 * derived from @(#)ufs_quota.c 8.5 (Berkeley) 5/20/95
65 */
66
67#include <sys/param.h>
68#include <sys/kernel.h>
69#include <sys/systm.h>
70#include <sys/mount.h>
71#include <sys/malloc.h>
72#include <sys/file.h>
73#include <sys/proc.h>
74#include <sys/kauth.h>
75#include <sys/vnode.h>
76#include <sys/vnode_internal.h>
77#include <sys/quota.h>
78#include <sys/proc_internal.h>
79#include <kern/kalloc.h>
80
81#include <hfs/hfs.h>
82#include <hfs/hfs_cnode.h>
83#include <hfs/hfs_quota.h>
84#include <hfs/hfs_mount.h>
85
86
87/*
88 * Quota name to error message mapping.
89 */
90#if 0
91static char *quotatypes[] = INITQFNAMES;
92#endif
93
94/*
95 * Set up the quotas for a cnode.
96 *
97 * This routine completely defines the semantics of quotas.
98 * If other criterion want to be used to establish quotas, the
99 * MAXQUOTAS value in quotas.h should be increased, and the
100 * additional dquots set up here.
101 */
102int
103hfs_getinoquota(cp)
104 register struct cnode *cp;
105{
106 struct hfsmount *hfsmp;
107 struct vnode *vp;
108 int error;
109
110 vp = cp->c_vp ? cp->c_vp : cp->c_rsrc_vp;
111 hfsmp = VTOHFS(vp);
112 /*
113 * Set up the user quota based on file uid.
114 * EINVAL means that quotas are not enabled.
115 */
116 if (cp->c_dquot[USRQUOTA] == NODQUOT &&
117 (error =
118 dqget(cp->c_uid, &hfsmp->hfs_qfiles[USRQUOTA], USRQUOTA, &cp->c_dquot[USRQUOTA])) &&
119 error != EINVAL)
120 return (error);
121 /*
122 * Set up the group quota based on file gid.
123 * EINVAL means that quotas are not enabled.
124 */
125 if (cp->c_dquot[GRPQUOTA] == NODQUOT &&
126 (error =
127 dqget(cp->c_gid, &hfsmp->hfs_qfiles[GRPQUOTA], GRPQUOTA, &cp->c_dquot[GRPQUOTA])) &&
128 error != EINVAL)
129 return (error);
130 return (0);
131}
132
133/*
134 * Update disk usage, and take corrective action.
135 */
136int
137hfs_chkdq(cp, change, cred, flags)
138 register struct cnode *cp;
139 int64_t change;
140 kauth_cred_t cred;
141 int flags;
142{
143 register struct dquot *dq;
144 register int i;
145 int64_t ncurbytes;
146 int error=0;
147 struct proc *p;
148
149#if DIAGNOSTIC
150 if ((flags & CHOWN) == 0)
151 hfs_chkdquot(cp);
152#endif
153 if (change == 0)
154 return (0);
155 if (change < 0) {
156 for (i = 0; i < MAXQUOTAS; i++) {
157 if ((dq = cp->c_dquot[i]) == NODQUOT)
158 continue;
159 dqlock(dq);
160
161 ncurbytes = dq->dq_curbytes + change;
162 if (ncurbytes >= 0)
163 dq->dq_curbytes = ncurbytes;
164 else
165 dq->dq_curbytes = 0;
166 dq->dq_flags &= ~DQ_BLKS;
167 dq->dq_flags |= DQ_MOD;
168
169 dqunlock(dq);
170 }
171 return (0);
172 }
173 p = current_proc();
174 /*
175 * This use of proc_ucred() is safe because kernproc credential never
176 * changes.
177 */
178 if (!IS_VALID_CRED(cred))
179 cred = proc_ucred(kernproc);
180 if (suser(cred, NULL) || proc_forcequota(p)) {
181 for (i = 0; i < MAXQUOTAS; i++) {
182 if ((dq = cp->c_dquot[i]) == NODQUOT)
183 continue;
184 error = hfs_chkdqchg(cp, change, cred, i);
185 if (error) {
186 break;
187 }
188 }
189 }
190 if ((flags & FORCE) || error == 0) {
191 for (i = 0; i < MAXQUOTAS; i++) {
192 if ((dq = cp->c_dquot[i]) == NODQUOT)
193 continue;
194 dqlock(dq);
195
196 dq->dq_curbytes += change;
197 dq->dq_flags |= DQ_MOD;
198
199 dqunlock(dq);
200 }
201 }
202 return (error);
203}
204
205/*
206 * Check for a valid change to a users allocation.
207 * Issue an error message if appropriate.
208 */
209int
210hfs_chkdqchg(cp, change, cred, type)
211 struct cnode *cp;
212 int64_t change;
213 kauth_cred_t cred;
214 int type;
215{
216 register struct dquot *dq = cp->c_dquot[type];
217 u_int64_t ncurbytes;
218 struct vnode *vp = cp->c_vp ? cp->c_vp : cp->c_rsrc_vp;
219
220 dqlock(dq);
221
222 ncurbytes = dq->dq_curbytes + change;
223 /*
224 * If user would exceed their hard limit, disallow space allocation.
225 */
226 if (ncurbytes >= dq->dq_bhardlimit && dq->dq_bhardlimit) {
227 if ((dq->dq_flags & DQ_BLKS) == 0 &&
228 cp->c_uid == kauth_cred_getuid(cred)) {
229#if 0
230 printf("\nhfs: write failed, %s disk limit reached\n",
231 quotatypes[type]);
232#endif
233 dq->dq_flags |= DQ_BLKS;
234 }
235 dqunlock(dq);
236
237 return (EDQUOT);
238 }
239 /*
240 * If user is over their soft limit for too long, disallow space
241 * allocation. Reset time limit as they cross their soft limit.
242 */
243 if (ncurbytes >= dq->dq_bsoftlimit && dq->dq_bsoftlimit) {
244 struct timeval tv;
245
246 microuptime(&tv);
247 if (dq->dq_curbytes < dq->dq_bsoftlimit) {
248 dq->dq_btime = tv.tv_sec +
249 VTOHFS(vp)->hfs_qfiles[type].qf_btime;
250#if 0
251 if (cp->c_uid == kauth_cred_getuid(cred))
252 printf("\nhfs: warning, %s %s\n",
253 quotatypes[type], "disk quota exceeded");
254#endif
255 dqunlock(dq);
256
257 return (0);
258 }
259 if (tv.tv_sec > (time_t)dq->dq_btime) {
260 if ((dq->dq_flags & DQ_BLKS) == 0 &&
261 cp->c_uid == kauth_cred_getuid(cred)) {
262#if 0
263 printf("\nhfs: write failed, %s %s\n",
264 quotatypes[type],
265 "disk quota exceeded for too long");
266#endif
267 dq->dq_flags |= DQ_BLKS;
268 }
269 dqunlock(dq);
270
271 return (EDQUOT);
272 }
273 }
274 dqunlock(dq);
275
276 return (0);
277}
278
279/*
280 * Check the inode limit, applying corrective action.
281 */
282int
283hfs_chkiq(cp, change, cred, flags)
284 register struct cnode *cp;
285 int32_t change;
286 kauth_cred_t cred;
287 int flags;
288{
289 register struct dquot *dq;
290 register int i;
291 int ncurinodes, error=0;
292 struct proc *p;
293
294#if DIAGNOSTIC
295 if ((flags & CHOWN) == 0)
296 hfs_chkdquot(cp);
297#endif
298 if (change == 0)
299 return (0);
300 if (change < 0) {
301 for (i = 0; i < MAXQUOTAS; i++) {
302 if ((dq = cp->c_dquot[i]) == NODQUOT)
303 continue;
304 dqlock(dq);
305
306 ncurinodes = dq->dq_curinodes + change;
307 if (ncurinodes >= 0)
308 dq->dq_curinodes = ncurinodes;
309 else
310 dq->dq_curinodes = 0;
311 dq->dq_flags &= ~DQ_INODS;
312 dq->dq_flags |= DQ_MOD;
313
314 dqunlock(dq);
315 }
316 return (0);
317 }
318 p = current_proc();
319 /*
320 * This use of proc_ucred() is safe because kernproc credential never
321 * changes.
322 */
323 if (!IS_VALID_CRED(cred))
324 cred = proc_ucred(kernproc);
325 if (suser(cred, NULL) || proc_forcequota(p)) {
326 for (i = 0; i < MAXQUOTAS; i++) {
327 if ((dq = cp->c_dquot[i]) == NODQUOT)
328 continue;
329 error = hfs_chkiqchg(cp, change, cred, i);
330 if (error) {
331 break;
332 }
333 }
334 }
335 if ((flags & FORCE) || error == 0) {
336 for (i = 0; i < MAXQUOTAS; i++) {
337 if ((dq = cp->c_dquot[i]) == NODQUOT)
338 continue;
339 dqlock(dq);
340
341 dq->dq_curinodes += change;
342 dq->dq_flags |= DQ_MOD;
343
344 dqunlock(dq);
345 }
346 }
347 return (error);
348}
349
350
351/*
352 * Check to see if a change to a user's allocation should be permitted or not.
353 * Issue an error message if it should not be permitted. Return 0 if
354 * it should be allowed.
355 */
356int hfs_isiqchg_allowed(dq, hfsmp, change, cred, type, uid)
357 struct dquot* dq;
358 struct hfsmount* hfsmp;
359 int32_t change;
360 kauth_cred_t cred;
361 int type;
362 uid_t uid;
363{
364 u_int32_t ncurinodes;
365
366 dqlock(dq);
367
368 ncurinodes = dq->dq_curinodes + change;
369 /*
370 * If user would exceed their hard limit, disallow cnode allocation.
371 */
372 if (ncurinodes >= dq->dq_ihardlimit && dq->dq_ihardlimit) {
373 if ((dq->dq_flags & DQ_INODS) == 0 &&
374 uid == kauth_cred_getuid(cred)) {
375 dq->dq_flags |= DQ_INODS;
376 }
377 dqunlock(dq);
378
379 return (EDQUOT);
380 }
381 /*
382 * If user is over their soft limit for too long, disallow cnode
383 * allocation. Reset time limit as they cross their soft limit.
384 */
385 if (ncurinodes >= dq->dq_isoftlimit && dq->dq_isoftlimit) {
386 struct timeval tv;
387
388 microuptime(&tv);
389 if (dq->dq_curinodes < dq->dq_isoftlimit) {
390 dq->dq_itime = tv.tv_sec + hfsmp->hfs_qfiles[type].qf_itime;
391 dqunlock(dq);
392 return (0);
393 }
394 if (tv.tv_sec > (time_t)dq->dq_itime) {
395 if (((dq->dq_flags & DQ_INODS) == 0) &&
396 (uid == kauth_cred_getuid(cred))) {
397 dq->dq_flags |= DQ_INODS;
398 }
399 dqunlock(dq);
400
401 return (EDQUOT);
402 }
403 }
404 dqunlock(dq);
405
406 return (0);
407}
408
409
410/*
411 * Check for a valid change to a users allocation.
412 * Issue an error message if appropriate.
413 */
414int
415hfs_chkiqchg(cp, change, cred, type)
416 struct cnode *cp;
417 int32_t change;
418 kauth_cred_t cred;
419 int type;
420{
421 register struct dquot *dq = cp->c_dquot[type];
422 u_int32_t ncurinodes;
423 struct vnode *vp = cp->c_vp ? cp->c_vp : cp->c_rsrc_vp;
424
425 dqlock(dq);
426
427 ncurinodes = dq->dq_curinodes + change;
428 /*
429 * If user would exceed their hard limit, disallow cnode allocation.
430 */
431 if (ncurinodes >= dq->dq_ihardlimit && dq->dq_ihardlimit) {
432 if ((dq->dq_flags & DQ_INODS) == 0 &&
433 cp->c_uid == kauth_cred_getuid(cred)) {
434#if 0
435 printf("\nhfs: write failed, %s cnode limit reached\n",
436 quotatypes[type]);
437#endif
438 dq->dq_flags |= DQ_INODS;
439 }
440 dqunlock(dq);
441
442 return (EDQUOT);
443 }
444 /*
445 * If user is over their soft limit for too long, disallow cnode
446 * allocation. Reset time limit as they cross their soft limit.
447 */
448 if (ncurinodes >= dq->dq_isoftlimit && dq->dq_isoftlimit) {
449 struct timeval tv;
450
451 microuptime(&tv);
452 if (dq->dq_curinodes < dq->dq_isoftlimit) {
453 dq->dq_itime = tv.tv_sec +
454 VTOHFS(vp)->hfs_qfiles[type].qf_itime;
455#if 0
456 if (cp->c_uid == kauth_cred_getuid(cred))
457 printf("\nhfs: warning, %s %s\n",
458 quotatypes[type], "cnode quota exceeded");
459#endif
460 dqunlock(dq);
461
462 return (0);
463 }
464 if (tv.tv_sec > (time_t)dq->dq_itime) {
465 if ((dq->dq_flags & DQ_INODS) == 0 &&
466 cp->c_uid == kauth_cred_getuid(cred)) {
467#if 0
468 printf("\nhfs: write failed, %s %s\n",
469 quotatypes[type],
470 "cnode quota exceeded for too long");
471#endif
472 dq->dq_flags |= DQ_INODS;
473 }
474 dqunlock(dq);
475
476 return (EDQUOT);
477 }
478 }
479 dqunlock(dq);
480
481 return (0);
482}
483
484#if DIAGNOSTIC
485/*
486 * On filesystems with quotas enabled, it is an error for a file to change
487 * size and not to have a dquot structure associated with it.
488 */
489void
490hfs_chkdquot(cp)
491 register struct cnode *cp;
492{
493 struct vnode *vp = cp->c_vp ? cp->c_vp : cp->c_rsrc_vp;
494 struct hfsmount *hfsmp = VTOHFS(vp);
495 register int i;
496
497 for (i = 0; i < MAXQUOTAS; i++) {
498 if (hfsmp->hfs_qfiles[i].qf_vp == NULLVP)
499 continue;
500 if (cp->c_dquot[i] == NODQUOT) {
501 vprint("chkdquot: missing dquot", vp);
502 panic("missing dquot");
503 }
504 }
505}
506#endif
507
508/*
509 * Code to process quotactl commands.
510 */
511
512/*
513 * Q_QUOTAON - set up a quota file for a particular file system.
514 */
515struct hfs_quotaon_cargs {
516 int error;
517};
518
519static int
520hfs_quotaon_callback(struct vnode *vp, void *cargs)
521{
522 struct hfs_quotaon_cargs *args;
523
524 args = (struct hfs_quotaon_cargs *)cargs;
525
526 args->error = hfs_getinoquota(VTOC(vp));
527 if (args->error)
528 return (VNODE_RETURNED_DONE);
529
530 return (VNODE_RETURNED);
531}
532
533int
534hfs_quotaon(p, mp, type, fnamep)
535 struct proc *p;
536 struct mount *mp;
537 register int type;
538 caddr_t fnamep;
539{
540 struct hfsmount *hfsmp = VFSTOHFS(mp);
541 struct quotafile *qfp;
542 struct vnode *vp;
543 int error = 0;
544 struct hfs_quotaon_cargs args;
545
546 /* Finish setting up quota structures. */
547 dqhashinit();
548
549 qfp = &hfsmp->hfs_qfiles[type];
550
551 if ( (qf_get(qfp, QTF_OPENING)) )
552 return (0);
553
554 error = vnode_open(fnamep, FREAD|FWRITE, 0, 0, &vp, NULL);
555 if (error) {
556 goto out;
557 }
558 if (!vnode_isreg(vp)) {
559 (void) vnode_close(vp, FREAD|FWRITE, NULL);
560 error = EACCES;
561 goto out;
562 }
563 vfs_setflags(mp, (u_int64_t)((unsigned int)MNT_QUOTA));
564 HFS_MOUNT_LOCK(hfsmp, TRUE)
565 hfsmp->hfs_flags |= HFS_QUOTAS;
566 HFS_MOUNT_UNLOCK(hfsmp, TRUE);
567 vnode_setnoflush(vp);
568 /*
569 * Save the credential of the process that turned on quotas.
570 */
571 qfp->qf_cred = kauth_cred_proc_ref(p);
572 qfp->qf_vp = vp;
573 /*
574 * Finish initializing the quota file
575 */
576 error = dqfileopen(qfp, type);
577 if (error) {
578 (void) vnode_close(vp, FREAD|FWRITE, NULL);
579
580 if (IS_VALID_CRED(qfp->qf_cred))
581 kauth_cred_unref(&qfp->qf_cred);
582 qfp->qf_vp = NULLVP;
583 goto out;
584 }
585 qf_put(qfp, QTF_OPENING);
586
587 /*
588 * Search vnodes associated with this mount point,
589 * adding references to quota file being opened.
590 * NB: only need to add dquot's for cnodes being modified.
591 *
592 * hfs_quota_callback will be called for each vnode open for
593 * 'write' (VNODE_WRITEABLE) hung off of this mount point
594 * the vnode will be in an 'unbusy' state (VNODE_WAIT) and
595 * properly referenced and unreferenced around the callback
596 */
597 args.error = 0;
598
599 vnode_iterate(mp, VNODE_WRITEABLE | VNODE_WAIT, hfs_quotaon_callback, (void *)&args);
600
601 error = args.error;
602
603 if (error) {
604 hfs_quotaoff(p, mp, type);
605 }
606 return (error);
607
608out:
609 qf_put(qfp, QTF_OPENING);
610
611 return (error);
612}
613
614
615/*
616 * Q_QUOTAOFF - turn off disk quotas for a filesystem.
617 */
618struct hfs_quotaoff_cargs {
619 int type;
620};
621
622static int
623hfs_quotaoff_callback(struct vnode *vp, void *cargs)
624{
625 struct hfs_quotaoff_cargs *args;
626 struct cnode *cp;
627 struct dquot *dq;
628
629 args = (struct hfs_quotaoff_cargs *)cargs;
630
631 cp = VTOC(vp);
632
633 dq = cp->c_dquot[args->type];
634 cp->c_dquot[args->type] = NODQUOT;
635
636 dqrele(dq);
637
638 return (VNODE_RETURNED);
639}
640
641int
642hfs_quotaoff(__unused struct proc *p, struct mount *mp, register int type)
643{
644 struct vnode *qvp;
645 struct hfsmount *hfsmp = VFSTOHFS(mp);
646 struct quotafile *qfp;
647 int error;
648 struct hfs_quotaoff_cargs args;
649
650 /*
651 * If quotas haven't been initialized, there's no work to be done.
652 */
653 if (!dqisinitialized())
654 return (0);
655
656 qfp = &hfsmp->hfs_qfiles[type];
657
658 if ( (qf_get(qfp, QTF_CLOSING)) )
659 return (0);
660 qvp = qfp->qf_vp;
661
662 /*
663 * Sync out any orpaned dirty dquot entries.
664 */
665 dqsync_orphans(qfp);
666
667 /*
668 * Search vnodes associated with this mount point,
669 * deleting any references to quota file being closed.
670 *
671 * hfs_quotaoff_callback will be called for each vnode
672 * hung off of this mount point
673 * the vnode will be in an 'unbusy' state (VNODE_WAIT) and
674 * properly referenced and unreferenced around the callback
675 */
676 args.type = type;
677
678 vnode_iterate(mp, VNODE_WAIT, hfs_quotaoff_callback, (void *)&args);
679
680 dqflush(qvp);
681 /* Finish tearing down the quota file */
682 dqfileclose(qfp, type);
683
684 vnode_clearnoflush(qvp);
685 error = vnode_close(qvp, FREAD|FWRITE, NULL);
686
687 qfp->qf_vp = NULLVP;
688
689 if (IS_VALID_CRED(qfp->qf_cred))
690 kauth_cred_unref(&qfp->qf_cred);
691 for (type = 0; type < MAXQUOTAS; type++)
692 if (hfsmp->hfs_qfiles[type].qf_vp != NULLVP)
693 break;
694 if (type == MAXQUOTAS) {
695 vfs_clearflags(mp, (u_int64_t)((unsigned int)MNT_QUOTA));
696 HFS_MOUNT_LOCK(hfsmp, TRUE)
697 hfsmp->hfs_flags &= ~HFS_QUOTAS;
698 HFS_MOUNT_UNLOCK(hfsmp, TRUE);
699 }
700
701 qf_put(qfp, QTF_CLOSING);
702
703 return (error);
704}
705
706/*
707 * hfs_quotacheck - checks quotas mountwide for a hypothetical situation. It probes
708 * the quota data structures to see if adding an inode would be allowed or not. If it
709 * will be allowed, the change is made. Otherwise, it reports an error back out so the
710 * caller will know not to proceed with inode allocation in the HFS Catalog.
711 *
712 * Note that this function ONLY tests for addition of inodes, not subtraction.
713 */
714int hfs_quotacheck(hfsmp, change, uid, gid, cred)
715 struct hfsmount *hfsmp;
716 int change;
717 uid_t uid;
718 gid_t gid;
719 kauth_cred_t cred;
720{
721 struct dquot *dq = NULL;
722 struct proc *p;
723 int error = 0;
724 int i;
725 id_t id = uid;
726
727 p = current_proc();
728 if (!IS_VALID_CRED(cred)) {
729 /* This use of proc_ucred() is safe because kernproc credential never changes */
730 cred = proc_ucred(kernproc);
731 }
732
733 if (suser(cred, NULL) || proc_forcequota(p)) {
734 for (i = 0; i < MAXQUOTAS; i++) {
735 /* Select if user or group id should be used */
736 if (i == USRQUOTA)
737 id = uid;
738 else if (i == GRPQUOTA)
739 id = gid;
740
741 error = dqget(id, &hfsmp->hfs_qfiles[i], i, &dq);
742 if (error && (error != EINVAL))
743 break;
744
745 error = 0;
746 if (dq == NODQUOT)
747 continue;
748
749 /* Check quota information */
750 error = hfs_isiqchg_allowed(dq, hfsmp, change, cred, i, id);
751 if (error) {
752 dqrele(dq);
753 break;
754 }
755
756 dqlock(dq);
757 /* Update quota information */
758 dq->dq_curinodes += change;
759 dqunlock(dq);
760 dqrele(dq);
761 }
762 }
763
764 return error;
765}
766
767
768/*
769 * Q_GETQUOTA - return current values in a dqblk structure.
770 */
771int
772hfs_getquota(mp, id, type, datap)
773 struct mount *mp;
774 u_int32_t id;
775 int type;
776 caddr_t datap;
777{
778 struct dquot *dq;
779 int error;
780
781 error = dqget(id, &VFSTOHFS(mp)->hfs_qfiles[type], type, &dq);
782 if (error)
783 return (error);
784 dqlock(dq);
785
786 bcopy(&dq->dq_dqb, datap, sizeof(dq->dq_dqb));
787
788 dqunlock(dq);
789 dqrele(dq);
790
791 return (error);
792}
793
794/*
795 * Q_SETQUOTA - assign an entire dqblk structure.
796 */
797int
798hfs_setquota(mp, id, type, datap)
799 struct mount *mp;
800 u_int32_t id;
801 int type;
802 caddr_t datap;
803{
804 struct dquot *dq;
805 struct hfsmount *hfsmp = VFSTOHFS(mp);
806 struct dqblk * newlimp = (struct dqblk *) datap;
807 struct timeval tv;
808 int error;
809
810 error = dqget(id, &hfsmp->hfs_qfiles[type], type, &dq);
811 if (error)
812 return (error);
813 dqlock(dq);
814
815 /*
816 * Copy all but the current values.
817 * Reset time limit if previously had no soft limit or were
818 * under it, but now have a soft limit and are over it.
819 */
820 newlimp->dqb_curbytes = dq->dq_curbytes;
821 newlimp->dqb_curinodes = dq->dq_curinodes;
822 if (dq->dq_id != 0) {
823 newlimp->dqb_btime = dq->dq_btime;
824 newlimp->dqb_itime = dq->dq_itime;
825 }
826 if (newlimp->dqb_bsoftlimit &&
827 dq->dq_curbytes >= newlimp->dqb_bsoftlimit &&
828 (dq->dq_bsoftlimit == 0 || dq->dq_curbytes < dq->dq_bsoftlimit)) {
829 microuptime(&tv);
830 newlimp->dqb_btime = tv.tv_sec + hfsmp->hfs_qfiles[type].qf_btime;
831 }
832 if (newlimp->dqb_isoftlimit &&
833 dq->dq_curinodes >= newlimp->dqb_isoftlimit &&
834 (dq->dq_isoftlimit == 0 || dq->dq_curinodes < dq->dq_isoftlimit)) {
835 microuptime(&tv);
836 newlimp->dqb_itime = tv.tv_sec + hfsmp->hfs_qfiles[type].qf_itime;
837 }
838 bcopy(newlimp, &dq->dq_dqb, sizeof(dq->dq_dqb));
839 if (dq->dq_curbytes < dq->dq_bsoftlimit)
840 dq->dq_flags &= ~DQ_BLKS;
841 if (dq->dq_curinodes < dq->dq_isoftlimit)
842 dq->dq_flags &= ~DQ_INODS;
843 if (dq->dq_isoftlimit == 0 && dq->dq_bsoftlimit == 0 &&
844 dq->dq_ihardlimit == 0 && dq->dq_bhardlimit == 0)
845 dq->dq_flags |= DQ_FAKE;
846 else
847 dq->dq_flags &= ~DQ_FAKE;
848 dq->dq_flags |= DQ_MOD;
849
850 dqunlock(dq);
851 dqrele(dq);
852
853 return (0);
854}
855
856/*
857 * Q_SETUSE - set current cnode and byte usage.
858 */
859int
860hfs_setuse(mp, id, type, datap)
861 struct mount *mp;
862 u_int32_t id;
863 int type;
864 caddr_t datap;
865{
866 struct hfsmount *hfsmp = VFSTOHFS(mp);
867 struct dquot *dq;
868 struct timeval tv;
869 int error;
870 struct dqblk *quotablkp = (struct dqblk *) datap;
871
872 error = dqget(id, &hfsmp->hfs_qfiles[type], type, &dq);
873 if (error)
874 return (error);
875 dqlock(dq);
876
877 /*
878 * Reset time limit if have a soft limit and were
879 * previously under it, but are now over it.
880 */
881 if (dq->dq_bsoftlimit && dq->dq_curbytes < dq->dq_bsoftlimit &&
882 quotablkp->dqb_curbytes >= dq->dq_bsoftlimit) {
883 microuptime(&tv);
884 dq->dq_btime = tv.tv_sec + hfsmp->hfs_qfiles[type].qf_btime;
885 }
886 if (dq->dq_isoftlimit && dq->dq_curinodes < dq->dq_isoftlimit &&
887 quotablkp->dqb_curinodes >= dq->dq_isoftlimit) {
888 microuptime(&tv);
889 dq->dq_itime = tv.tv_sec + hfsmp->hfs_qfiles[type].qf_itime;
890 }
891 dq->dq_curbytes = quotablkp->dqb_curbytes;
892 dq->dq_curinodes = quotablkp->dqb_curinodes;
893 if (dq->dq_curbytes < dq->dq_bsoftlimit)
894 dq->dq_flags &= ~DQ_BLKS;
895 if (dq->dq_curinodes < dq->dq_isoftlimit)
896 dq->dq_flags &= ~DQ_INODS;
897 dq->dq_flags |= DQ_MOD;
898
899 dqunlock(dq);
900 dqrele(dq);
901
902 return (0);
903}
904
905
906/*
907 * Q_SYNC - sync quota files to disk.
908 */
909static int
910hfs_qsync_callback(struct vnode *vp, __unused void *cargs)
911{
912 struct cnode *cp;
913 struct dquot *dq;
914 int i;
915
916 cp = VTOC(vp);
917
918 for (i = 0; i < MAXQUOTAS; i++) {
919 dq = cp->c_dquot[i];
920 if (dq != NODQUOT && (dq->dq_flags & DQ_MOD))
921 dqsync(dq);
922 }
923 return (VNODE_RETURNED);
924}
925
926int
927hfs_qsync(mp)
928 struct mount *mp;
929{
930 struct hfsmount *hfsmp = VFSTOHFS(mp);
931 int i;
932
933 if (!dqisinitialized())
934 return (0);
935
936 /*
937 * Check if the mount point has any quotas.
938 * If not, simply return.
939 */
940 for (i = 0; i < MAXQUOTAS; i++)
941 if (hfsmp->hfs_qfiles[i].qf_vp != NULLVP)
942 break;
943 if (i == MAXQUOTAS)
944 return (0);
945
946 /*
947 * Sync out any orpaned dirty dquot entries.
948 */
949 for (i = 0; i < MAXQUOTAS; i++)
950 if (hfsmp->hfs_qfiles[i].qf_vp != NULLVP)
951 dqsync_orphans(&hfsmp->hfs_qfiles[i]);
952
953 /*
954 * Search vnodes associated with this mount point,
955 * synchronizing any modified dquot structures.
956 *
957 * hfs_qsync_callback will be called for each vnode
958 * hung off of this mount point
959 * the vnode will be
960 * properly referenced and unreferenced around the callback
961 */
962 vnode_iterate(mp, 0, hfs_qsync_callback, (void *)NULL);
963
964 return (0);
965}
966
967/*
968 * Q_QUOTASTAT - get quota on/off status
969 */
970int
971hfs_quotastat(mp, type, datap)
972 struct mount *mp;
973 register int type;
974 caddr_t datap;
975{
976 struct hfsmount *hfsmp = VFSTOHFS(mp);
977 int error = 0;
978 int qstat;
979
980 if ((((unsigned int)vfs_flags(mp)) & MNT_QUOTA) && (hfsmp->hfs_qfiles[type].qf_vp != NULLVP))
981 qstat = 1; /* quotas are on for this type */
982 else
983 qstat = 0; /* quotas are off for this type */
984
985 *((int *)datap) = qstat;
986 return (error);
987}
988
mirror of XNU