]>
git.saurik.com Git - apple/xnu.git/blob - bsd/sys/quota.h
2 * Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved.
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
29 * Copyright (c) 1982, 1986, 1993
30 * The Regents of the University of California. All rights reserved.
32 * This code is derived from software contributed to Berkeley by
33 * Robert Elz at The University of Melbourne.
35 * Redistribution and use in source and binary forms, with or without
36 * modification, are permitted provided that the following conditions
38 * 1. Redistributions of source code must retain the above copyright
39 * notice, this list of conditions and the following disclaimer.
40 * 2. Redistributions in binary form must reproduce the above copyright
41 * notice, this list of conditions and the following disclaimer in the
42 * documentation and/or other materials provided with the distribution.
43 * 3. All advertising materials mentioning features or use of this software
44 * must display the following acknowledgement:
45 * This product includes software developed by the University of
46 * California, Berkeley and its contributors.
47 * 4. Neither the name of the University nor the names of its contributors
48 * may be used to endorse or promote products derived from this software
49 * without specific prior written permission.
51 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
52 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
53 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
54 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
55 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
56 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
57 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
59 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
60 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
64 * derived from @(#)ufs/ufs/quota.h 8.3 (Berkeley) 8/19/94
70 #include <sys/appleapiopts.h>
71 #include <sys/cdefs.h>
73 #include <kern/locks.h>
76 #include <mach/boolean.h>
78 #ifdef __APPLE_API_UNSTABLE
80 * Definitions for disk quotas imposed on the average user
81 * (big brother finally hits UNIX).
83 * The following constants define the amount of time given a user before the
84 * soft limits are treated as hard limits (usually resulting in an allocation
85 * failure). The timer is started when the user crosses their soft limit, it
86 * is reset when they go below their soft limit.
88 #define MAX_IQ_TIME (7*24*60*60) /* seconds in 1 week */
89 #define MAX_DQ_TIME (7*24*60*60) /* seconds in 1 week */
92 * The following constants define the usage of the quota file array in the
93 * file system mount structure and dquot array in the inode structure. The semantics
94 * of the elements of these arrays are defined in the routine getinoquota;
95 * the remainder of the quota code treats them generically and need not be
96 * inspected when changing the size of the array.
99 #define USRQUOTA 0 /* element used for user quotas */
100 #define GRPQUOTA 1 /* element used for group quotas */
103 * Definitions for the default names of the quotas files.
105 #define INITQFNAMES { \
106 "user", /* USRQUOTA */ \
107 "group", /* GRPQUOTA */ \
110 #define QUOTAFILENAME ".quota"
111 #define QUOTAOPSNAME ".quota.ops"
112 #define QUOTAGROUP "operator"
115 * Command definitions for the 'quotactl' system call. The commands are
116 * broken into a main command defined below and a subcommand that is used
117 * to convey the type of quota that is being manipulated (see above).
119 #define SUBCMDMASK 0x00ff
120 #define SUBCMDSHIFT 8
121 #define QCMD(cmd, type) (((cmd) << SUBCMDSHIFT) | ((type) & SUBCMDMASK))
123 #define Q_QUOTAON 0x0100 /* enable quotas */
124 #define Q_QUOTAOFF 0x0200 /* disable quotas */
125 #define Q_GETQUOTA 0x0300 /* get limits and usage */
126 #define Q_SETQUOTA 0x0400 /* set limits and usage */
127 #define Q_SETUSE 0x0500 /* set usage */
128 #define Q_SYNC 0x0600 /* sync disk copy of a filesystems quotas */
129 #define Q_QUOTASTAT 0x0700 /* get quota on/off status */
132 * The following two structures define the format of the disk
133 * quota file (as it appears on disk) - the file contains a
134 * header followed by a hash table of dqblk entries. To find
135 * a particular entry, the user or group number (id) is first
136 * converted to an index into this table by means of the hash
137 * function dqhash1. If there is a collision at that index
138 * location then a second hash value is computed which using
139 * dqhash2. This second hash value is then used as an offset
140 * to the next location to probe. ID = 0 is used to indicate
141 * an empty (unused) entry. So there can never be an entry in
142 * the quota file for user 0 or group 0 (which is OK since disk
143 * quotas are never enforced for user 0).
145 * The setquota system call establishes the vnode for each quota
146 * file (a pointer is retained in the filesystem mount structure).
150 u_int32_t dqh_version
; /* == QF_VERSION */
151 u_int32_t dqh_maxentries
; /* must be a power of 2 */
152 u_int32_t dqh_entrycnt
; /* count of active entries */
153 u_int32_t dqh_flags
; /* reserved for now (0) */
154 u_int32_t dqh_chktime
; /* time of last quota check */
155 u_int32_t dqh_btime
; /* time limit for excessive disk use */
156 u_int32_t dqh_itime
; /* time limit for excessive files */
157 char dqh_string
[16]; /* tag string */
158 u_int32_t dqh_spare
[4]; /* pad struct to power of 2 */
162 u_int64_t dqb_bhardlimit
; /* absolute limit on disk bytes alloc */
163 u_int64_t dqb_bsoftlimit
; /* preferred limit on disk bytes */
164 u_int64_t dqb_curbytes
; /* current byte count */
165 u_int32_t dqb_ihardlimit
; /* maximum # allocated inodes + 1 */
166 u_int32_t dqb_isoftlimit
; /* preferred inode limit */
167 u_int32_t dqb_curinodes
; /* current # allocated inodes */
168 u_int32_t dqb_btime
; /* time limit for excessive disk use */
169 u_int32_t dqb_itime
; /* time limit for excessive files */
170 u_int32_t dqb_id
; /* identifier (0 for empty entries) */
171 u_int32_t dqb_spare
[4]; /* pad struct to power of 2 */
174 #ifdef KERNEL_PRIVATE
175 #include <machine/types.h> /* user_time_t */
176 /* LP64 version of struct dqblk. time_t is a long and must grow when
177 * we're dealing with a 64-bit process.
178 * WARNING - keep in sync with struct dqblk
182 u_int64_t dqb_bhardlimit
; /* absolute limit on disk bytes alloc */
183 u_int64_t dqb_bsoftlimit
; /* preferred limit on disk bytes */
184 u_int64_t dqb_curbytes
; /* current byte count */
185 u_int32_t dqb_ihardlimit
; /* maximum # allocated inodes + 1 */
186 u_int32_t dqb_isoftlimit
; /* preferred inode limit */
187 u_int32_t dqb_curinodes
; /* current # allocated inodes */
188 u_int32_t dqb_btime
; /* time limit for excessive disk use */
189 u_int32_t dqb_itime
; /* time limit for excessive files */
190 u_int32_t dqb_id
; /* identifier (0 for empty entries) */
191 u_int32_t dqb_spare
[4]; /* pad struct to power of 2 */
193 #endif /* KERNEL_PRIVATE */
195 #define INITQMAGICS { \
196 0xff31ff35, /* USRQUOTA */ \
197 0xff31ff27, /* GRPQUOTA */ \
201 #define QF_STRING_TAG "QUOTA HASH FILE"
203 #define QF_USERS_PER_GB 256
204 #define QF_MIN_USERS 2048
205 #define QF_MAX_USERS (2048*1024)
207 #define QF_GROUPS_PER_GB 32
208 #define QF_MIN_GROUPS 2048
209 #define QF_MAX_GROUPS (256*1024)
213 * The primary and secondary multiplicative hash functions are
214 * derived from Knuth (vol. 3). They use a prime that is in
215 * golden ratio to the machine's word size.
217 #define dqhash1(id, shift, mask) \
218 ((((id) * 2654435761U) >> (shift)) & (mask))
220 #define dqhash2(id, mask) \
221 (dqhash1((id), 11, (mask)>>1) | 1)
224 * Compute a disk offset into a quota file.
226 #define dqoffset(index) \
227 (sizeof (struct dqfilehdr) + ((index) * sizeof (struct dqblk)))
229 * Compute the hash shift value.
230 * It is the word size, in bits, minus the hash table size, in bits.
232 static __inline
int dqhashshift(u_int32_t
);
235 dqhashshift(u_int32_t size
)
239 for (shift
= 32; size
> 1; size
>>= 1, --shift
)
247 int quotactl(const char *, int, int, caddr_t
);
251 #ifdef KERNEL_PRIVATE
252 #include <sys/queue.h>
259 lck_mtx_t qf_lock
; /* quota file mutex */
260 struct vnode
*qf_vp
; /* quota file vnode */
261 kauth_cred_t qf_cred
; /* quota file access cred */
262 int qf_shift
; /* primary hash shift */
263 int qf_maxentries
; /* size of hash table (power of 2) */
264 int qf_entrycnt
; /* count of active entries */
265 u_int32_t qf_btime
; /* block quota time limit */
266 u_int32_t qf_itime
; /* inode quota time limit */
268 /* the following 2 fields are protected */
269 /* by the quota list lock */
270 char qf_qflags
; /* quota specific flags */
271 int qf_refcnt
; /* count of dquot refs on this file */
275 * Flags describing the runtime state of quotas.
278 #define QTF_OPENING 0x01 /* Q_QUOTAON in progress */
279 #define QTF_CLOSING 0x02 /* Q_QUOTAOFF in progress */
280 #define QTF_WANTED 0x04 /* waiting for change of state */
284 * The following structure records disk usage for a user or group on a
285 * filesystem. There is one allocated for each quota that exists on any
286 * filesystem for the current user or group. A cache is kept of recently
290 LIST_ENTRY(dquot
) dq_hash
; /* hash list */
291 TAILQ_ENTRY(dquot
) dq_freelist
; /* free list */
292 u_int16_t dq_flags
; /* flags, see below */
293 u_int16_t dq_cnt_unused
; /* Replaced by dq_cnt below */
294 u_int16_t dq_lflags
; /* protected by the quota list lock */
295 u_int16_t dq_type
; /* quota type of this dquot */
296 u_int32_t dq_id
; /* identifier this applies to */
297 u_int32_t dq_index
; /* index into quota file */
298 struct quotafile
*dq_qfile
; /* quota file that this is taken from */
299 struct dqblk dq_dqb
; /* actual usage & quotas */
300 uint32_t dq_cnt
; /* count of active references */
306 #define DQ_LLOCK 0x01 /* this quota locked (no MODS) */
307 #define DQ_LWANT 0x02 /* wakeup on unlock */
312 #define DQ_MOD 0x01 /* this quota modified since read */
313 #define DQ_FAKE 0x02 /* no limits here, just usage */
314 #define DQ_BLKS 0x04 /* has been warned about blk limit */
315 #define DQ_INODS 0x08 /* has been warned about inode limit */
318 * Shorthand notation.
320 #define dq_bhardlimit dq_dqb.dqb_bhardlimit
321 #define dq_bsoftlimit dq_dqb.dqb_bsoftlimit
322 #define dq_curbytes dq_dqb.dqb_curbytes
323 #define dq_ihardlimit dq_dqb.dqb_ihardlimit
324 #define dq_isoftlimit dq_dqb.dqb_isoftlimit
325 #define dq_curinodes dq_dqb.dqb_curinodes
326 #define dq_btime dq_dqb.dqb_btime
327 #define dq_itime dq_dqb.dqb_itime
330 * If the system has never checked for a quota for this file, then it is
331 * set to NODQUOT. Once a write attempt is made the inode pointer is set
332 * to reference a dquot structure.
337 * Flags to chkdq() and chkiq()
339 #define FORCE 0x01 /* force usage changes independent of limits */
340 #define CHOWN 0x02 /* (advisory) change initiated by chown */
344 * Functions that manage the in-core dquot and the
345 * on-disk dqblk data structures.
348 void dqfileinit(struct quotafile
*);
349 int dqfileopen(struct quotafile
*, int);
350 void dqfileclose(struct quotafile
*, int);
351 void dqflush(struct vnode
*);
352 int dqget(u_int32_t
, struct quotafile
*, int, struct dquot
**);
353 void dqhashinit(void);
355 int dqisinitialized(void);
356 void dqref(struct dquot
*);
357 void dqrele(struct dquot
*);
358 void dqreclaim(struct dquot
*);
359 int dqsync(struct dquot
*);
360 void dqsync_orphans(struct quotafile
*);
361 void dqlock(struct dquot
*);
362 void dqunlock(struct dquot
*);
364 int qf_get(struct quotafile
*, int type
);
365 void qf_put(struct quotafile
*, int type
);
367 __private_extern__
void munge_dqblk(struct dqblk
*dqblkp
, struct user_dqblk
*user_dqblkp
, boolean_t to64
);
370 #endif /* KERNEL_PRIVATE */
372 #endif /* __APPLE_API_UNSTABLE */
374 #endif /* !_SYS_QUOTA_H_ */