1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * In memory quota format relies on quota infrastructure to store dquot 4 * information for us. While conventional quota formats for file systems 5 * with persistent storage can load quota information into dquot from the 6 * storage on-demand and hence quota dquot shrinker can free any dquot 7 * that is not currently being used, it must be avoided here. Otherwise we 8 * can lose valuable information, user provided limits, because there is 9 * no persistent storage to load the information from afterwards. 10 * 11 * One information that in-memory quota format needs to keep track of is 12 * a sorted list of ids for each quota type. This is done by utilizing 13 * an rb tree which root is stored in mem_dqinfo->dqi_priv for each quota 14 * type. 15 * 16 * This format can be used to support quota on file system without persistent 17 * storage such as tmpfs. 18 * 19 * Author: Lukas Czerner <lczerner@redhat.com> 20 * Carlos Maiolino <cmaiolino@redhat.com> 21 * 22 * Copyright (C) 2023 Red Hat, Inc. 23 */ 24#include <linux/errno.h> 25#include <linux/fs.h> 26#include <linux/mount.h> 27#include <linux/kernel.h> 28#include <linux/init.h> 29#include <linux/module.h> 30#include <linux/slab.h> 31#include <linux/rbtree.h> 32#include <linux/shmem_fs.h> 33 34#include <linux/quotaops.h> 35#include <linux/quota.h> 36 37#ifdef CONFIG_TMPFS_QUOTA 38 39/* 40 * The following constants define the amount of time given a user 41 * before the soft limits are treated as hard limits (usually resulting 42 * in an allocation failure). The timer is started when the user crosses 43 * their soft limit, it is reset when they go below their soft limit. 44 */ 45#define SHMEM_MAX_IQ_TIME 604800 /* (7*24*60*60) 1 week */ 46#define SHMEM_MAX_DQ_TIME 604800 /* (7*24*60*60) 1 week */ 47 48struct quota_id { 49 struct rb_node node; 50 qid_t id; 51 qsize_t bhardlimit; 52 qsize_t bsoftlimit; 53 qsize_t ihardlimit; 54 qsize_t isoftlimit; 55}; 56 57static int shmem_check_quota_file(struct super_block *sb, int type) 58{ 59 /* There is no real quota file, nothing to do */ 60 return 1; 61} 62 63/* 64 * There is no real quota file. Just allocate rb_root for quota ids and 65 * set limits 66 */ 67static int shmem_read_file_info(struct super_block *sb, int type) 68{ 69 struct quota_info *dqopt = sb_dqopt(sb); 70 struct mem_dqinfo *info = &dqopt->info[type]; 71 72 info->dqi_priv = kzalloc(sizeof(struct rb_root), GFP_NOFS); 73 if (!info->dqi_priv) 74 return -ENOMEM; 75 76 info->dqi_max_spc_limit = SHMEM_QUOTA_MAX_SPC_LIMIT; 77 info->dqi_max_ino_limit = SHMEM_QUOTA_MAX_INO_LIMIT; 78 79 info->dqi_bgrace = SHMEM_MAX_DQ_TIME; 80 info->dqi_igrace = SHMEM_MAX_IQ_TIME; 81 info->dqi_flags = 0; 82 83 return 0; 84} 85 86static int shmem_write_file_info(struct super_block *sb, int type) 87{ 88 /* There is no real quota file, nothing to do */ 89 return 0; 90} 91 92/* 93 * Free all the quota_id entries in the rb tree and rb_root. 94 */ 95static int shmem_free_file_info(struct super_block *sb, int type) 96{ 97 struct mem_dqinfo *info = &sb_dqopt(sb)->info[type]; 98 struct rb_root *root = info->dqi_priv; 99 struct quota_id *entry; 100 struct rb_node *node; 101 102 info->dqi_priv = NULL; 103 node = rb_first(root); 104 while (node) { 105 entry = rb_entry(node, struct quota_id, node); 106 node = rb_next(&entry->node); 107 108 rb_erase(&entry->node, root); 109 kfree(entry); 110 } 111 112 kfree(root); 113 return 0; 114} 115 116static int shmem_get_next_id(struct super_block *sb, struct kqid *qid) 117{ 118 struct mem_dqinfo *info = sb_dqinfo(sb, qid->type); 119 struct rb_node *node; 120 qid_t id = from_kqid(&init_user_ns, *qid); 121 struct quota_info *dqopt = sb_dqopt(sb); 122 struct quota_id *entry = NULL; 123 int ret = 0; 124 125 if (!sb_has_quota_active(sb, qid->type)) 126 return -ESRCH; 127 128 down_read(&dqopt->dqio_sem); 129 node = ((struct rb_root *)info->dqi_priv)->rb_node; 130 while (node) { 131 entry = rb_entry(node, struct quota_id, node); 132 133 if (id < entry->id) 134 node = node->rb_left; 135 else if (id > entry->id) 136 node = node->rb_right; 137 else 138 goto got_next_id; 139 } 140 141 if (!entry) { 142 ret = -ENOENT; 143 goto out_unlock; 144 } 145 146 if (id > entry->id) { 147 node = rb_next(&entry->node); 148 if (!node) { 149 ret = -ENOENT; 150 goto out_unlock; 151 } 152 entry = rb_entry(node, struct quota_id, node); 153 } 154 155got_next_id: 156 *qid = make_kqid(&init_user_ns, qid->type, entry->id); 157out_unlock: 158 up_read(&dqopt->dqio_sem); 159 return ret; 160} 161 162/* 163 * Load dquot with limits from existing entry, or create the new entry if 164 * it does not exist. 165 */ 166static int shmem_acquire_dquot(struct dquot *dquot) 167{ 168 struct mem_dqinfo *info = sb_dqinfo(dquot->dq_sb, dquot->dq_id.type); 169 struct rb_node **n; 170 struct shmem_sb_info *sbinfo = dquot->dq_sb->s_fs_info; 171 struct rb_node *parent = NULL, *new_node = NULL; 172 struct quota_id *new_entry, *entry; 173 qid_t id = from_kqid(&init_user_ns, dquot->dq_id); 174 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb); 175 int ret = 0; 176 177 mutex_lock(&dquot->dq_lock); 178 179 down_write(&dqopt->dqio_sem); 180 n = &((struct rb_root *)info->dqi_priv)->rb_node; 181 182 while (*n) { 183 parent = *n; 184 entry = rb_entry(parent, struct quota_id, node); 185 186 if (id < entry->id) 187 n = &(*n)->rb_left; 188 else if (id > entry->id) 189 n = &(*n)->rb_right; 190 else 191 goto found; 192 } 193 194 /* We don't have entry for this id yet, create it */ 195 new_entry = kzalloc(sizeof(struct quota_id), GFP_NOFS); 196 if (!new_entry) { 197 ret = -ENOMEM; 198 goto out_unlock; 199 } 200 201 new_entry->id = id; 202 if (dquot->dq_id.type == USRQUOTA) { 203 new_entry->bhardlimit = sbinfo->qlimits.usrquota_bhardlimit; 204 new_entry->ihardlimit = sbinfo->qlimits.usrquota_ihardlimit; 205 } else if (dquot->dq_id.type == GRPQUOTA) { 206 new_entry->bhardlimit = sbinfo->qlimits.grpquota_bhardlimit; 207 new_entry->ihardlimit = sbinfo->qlimits.grpquota_ihardlimit; 208 } 209 210 new_node = &new_entry->node; 211 rb_link_node(new_node, parent, n); 212 rb_insert_color(new_node, (struct rb_root *)info->dqi_priv); 213 entry = new_entry; 214 215found: 216 /* Load the stored limits from the tree */ 217 spin_lock(&dquot->dq_dqb_lock); 218 dquot->dq_dqb.dqb_bhardlimit = entry->bhardlimit; 219 dquot->dq_dqb.dqb_bsoftlimit = entry->bsoftlimit; 220 dquot->dq_dqb.dqb_ihardlimit = entry->ihardlimit; 221 dquot->dq_dqb.dqb_isoftlimit = entry->isoftlimit; 222 223 if (!dquot->dq_dqb.dqb_bhardlimit && 224 !dquot->dq_dqb.dqb_bsoftlimit && 225 !dquot->dq_dqb.dqb_ihardlimit && 226 !dquot->dq_dqb.dqb_isoftlimit) 227 set_bit(DQ_FAKE_B, &dquot->dq_flags); 228 spin_unlock(&dquot->dq_dqb_lock); 229 230 /* Make sure flags update is visible after dquot has been filled */ 231 smp_mb__before_atomic(); 232 set_bit(DQ_ACTIVE_B, &dquot->dq_flags); 233out_unlock: 234 up_write(&dqopt->dqio_sem); 235 mutex_unlock(&dquot->dq_lock); 236 return ret; 237} 238 239static bool shmem_is_empty_dquot(struct dquot *dquot) 240{ 241 struct shmem_sb_info *sbinfo = dquot->dq_sb->s_fs_info; 242 qsize_t bhardlimit; 243 qsize_t ihardlimit; 244 245 if (dquot->dq_id.type == USRQUOTA) { 246 bhardlimit = sbinfo->qlimits.usrquota_bhardlimit; 247 ihardlimit = sbinfo->qlimits.usrquota_ihardlimit; 248 } else if (dquot->dq_id.type == GRPQUOTA) { 249 bhardlimit = sbinfo->qlimits.grpquota_bhardlimit; 250 ihardlimit = sbinfo->qlimits.grpquota_ihardlimit; 251 } 252 253 if (test_bit(DQ_FAKE_B, &dquot->dq_flags) || 254 (dquot->dq_dqb.dqb_curspace == 0 && 255 dquot->dq_dqb.dqb_curinodes == 0 && 256 dquot->dq_dqb.dqb_bhardlimit == bhardlimit && 257 dquot->dq_dqb.dqb_ihardlimit == ihardlimit)) 258 return true; 259 260 return false; 261} 262/* 263 * Store limits from dquot in the tree unless it's fake. If it is fake 264 * remove the id from the tree since there is no useful information in 265 * there. 266 */ 267static int shmem_release_dquot(struct dquot *dquot) 268{ 269 struct mem_dqinfo *info = sb_dqinfo(dquot->dq_sb, dquot->dq_id.type); 270 struct rb_node *node; 271 qid_t id = from_kqid(&init_user_ns, dquot->dq_id); 272 struct quota_info *dqopt = sb_dqopt(dquot->dq_sb); 273 struct quota_id *entry = NULL; 274 275 mutex_lock(&dquot->dq_lock); 276 /* Check whether we are not racing with some other dqget() */ 277 if (dquot_is_busy(dquot)) 278 goto out_dqlock; 279 280 down_write(&dqopt->dqio_sem); 281 node = ((struct rb_root *)info->dqi_priv)->rb_node; 282 while (node) { 283 entry = rb_entry(node, struct quota_id, node); 284 285 if (id < entry->id) 286 node = node->rb_left; 287 else if (id > entry->id) 288 node = node->rb_right; 289 else 290 goto found; 291 } 292 293 /* We should always find the entry in the rb tree */ 294 WARN_ONCE(1, "quota id %u from dquot %p, not in rb tree!\n", id, dquot); 295 up_write(&dqopt->dqio_sem); 296 mutex_unlock(&dquot->dq_lock); 297 return -ENOENT; 298 299found: 300 if (shmem_is_empty_dquot(dquot)) { 301 /* Remove entry from the tree */ 302 rb_erase(&entry->node, info->dqi_priv); 303 kfree(entry); 304 } else { 305 /* Store the limits in the tree */ 306 spin_lock(&dquot->dq_dqb_lock); 307 entry->bhardlimit = dquot->dq_dqb.dqb_bhardlimit; 308 entry->bsoftlimit = dquot->dq_dqb.dqb_bsoftlimit; 309 entry->ihardlimit = dquot->dq_dqb.dqb_ihardlimit; 310 entry->isoftlimit = dquot->dq_dqb.dqb_isoftlimit; 311 spin_unlock(&dquot->dq_dqb_lock); 312 } 313 314 clear_bit(DQ_ACTIVE_B, &dquot->dq_flags); 315 up_write(&dqopt->dqio_sem); 316 317out_dqlock: 318 mutex_unlock(&dquot->dq_lock); 319 return 0; 320} 321 322static int shmem_mark_dquot_dirty(struct dquot *dquot) 323{ 324 return 0; 325} 326 327static int shmem_dquot_write_info(struct super_block *sb, int type) 328{ 329 return 0; 330} 331 332static const struct quota_format_ops shmem_format_ops = { 333 .check_quota_file = shmem_check_quota_file, 334 .read_file_info = shmem_read_file_info, 335 .write_file_info = shmem_write_file_info, 336 .free_file_info = shmem_free_file_info, 337}; 338 339struct quota_format_type shmem_quota_format = { 340 .qf_fmt_id = QFMT_SHMEM, 341 .qf_ops = &shmem_format_ops, 342 .qf_owner = THIS_MODULE 343}; 344 345const struct dquot_operations shmem_quota_operations = { 346 .acquire_dquot = shmem_acquire_dquot, 347 .release_dquot = shmem_release_dquot, 348 .alloc_dquot = dquot_alloc, 349 .destroy_dquot = dquot_destroy, 350 .write_info = shmem_dquot_write_info, 351 .mark_dirty = shmem_mark_dquot_dirty, 352 .get_next_id = shmem_get_next_id, 353}; 354#endif /* CONFIG_TMPFS_QUOTA */ 355