1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * Copyright (C) 2011 STRATO. All rights reserved. 4 */ 5 6 #include <linux/sched.h> 7 #include <linux/pagemap.h> 8 #include <linux/writeback.h> 9 #include <linux/blkdev.h> 10 #include <linux/rbtree.h> 11 #include <linux/slab.h> 12 #include <linux/workqueue.h> 13 #include <linux/btrfs.h> 14 #include <linux/sched/mm.h> 15 16 #include "ctree.h" 17 #include "transaction.h" 18 #include "disk-io.h" 19 #include "locking.h" 20 #include "ulist.h" 21 #include "backref.h" 22 #include "extent_io.h" 23 #include "qgroup.h" 24 #include "block-group.h" 25 #include "sysfs.h" 26 #include "tree-mod-log.h" 27 #include "fs.h" 28 #include "accessors.h" 29 #include "extent-tree.h" 30 #include "root-tree.h" 31 #include "tree-checker.h" 32 33 enum btrfs_qgroup_mode btrfs_qgroup_mode(const struct btrfs_fs_info *fs_info) 34 { 35 if (!test_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags)) 36 return BTRFS_QGROUP_MODE_DISABLED; 37 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE) 38 return BTRFS_QGROUP_MODE_SIMPLE; 39 return BTRFS_QGROUP_MODE_FULL; 40 } 41 42 bool btrfs_qgroup_enabled(const struct btrfs_fs_info *fs_info) 43 { 44 return btrfs_qgroup_mode(fs_info) != BTRFS_QGROUP_MODE_DISABLED; 45 } 46 47 bool btrfs_qgroup_full_accounting(const struct btrfs_fs_info *fs_info) 48 { 49 return btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_FULL; 50 } 51 52 /* 53 * Helpers to access qgroup reservation 54 * 55 * Callers should ensure the lock context and type are valid 56 */ 57 58 static u64 qgroup_rsv_total(const struct btrfs_qgroup *qgroup) 59 { 60 u64 ret = 0; 61 int i; 62 63 for (i = 0; i < BTRFS_QGROUP_RSV_LAST; i++) 64 ret += qgroup->rsv.values[i]; 65 66 return ret; 67 } 68 69 #ifdef CONFIG_BTRFS_DEBUG 70 static const char *qgroup_rsv_type_str(enum btrfs_qgroup_rsv_type type) 71 { 72 if (type == BTRFS_QGROUP_RSV_DATA) 73 return "data"; 74 if (type == BTRFS_QGROUP_RSV_META_PERTRANS) 75 return "meta_pertrans"; 76 if (type == BTRFS_QGROUP_RSV_META_PREALLOC) 77 return "meta_prealloc"; 78 return NULL; 79 } 80 #endif 81 82 static void qgroup_rsv_add(struct btrfs_fs_info *fs_info, 83 struct btrfs_qgroup *qgroup, u64 num_bytes, 84 enum btrfs_qgroup_rsv_type type) 85 { 86 trace_btrfs_qgroup_update_reserve(fs_info, qgroup, num_bytes, type); 87 qgroup->rsv.values[type] += num_bytes; 88 } 89 90 static void qgroup_rsv_release(struct btrfs_fs_info *fs_info, 91 struct btrfs_qgroup *qgroup, u64 num_bytes, 92 enum btrfs_qgroup_rsv_type type) 93 { 94 trace_btrfs_qgroup_update_reserve(fs_info, qgroup, -(s64)num_bytes, type); 95 if (qgroup->rsv.values[type] >= num_bytes) { 96 qgroup->rsv.values[type] -= num_bytes; 97 return; 98 } 99 #ifdef CONFIG_BTRFS_DEBUG 100 WARN_RATELIMIT(1, 101 "qgroup %llu %s reserved space underflow, have %llu to free %llu", 102 qgroup->qgroupid, qgroup_rsv_type_str(type), 103 qgroup->rsv.values[type], num_bytes); 104 #endif 105 qgroup->rsv.values[type] = 0; 106 } 107 108 static void qgroup_rsv_add_by_qgroup(struct btrfs_fs_info *fs_info, 109 struct btrfs_qgroup *dest, 110 const struct btrfs_qgroup *src) 111 { 112 int i; 113 114 for (i = 0; i < BTRFS_QGROUP_RSV_LAST; i++) 115 qgroup_rsv_add(fs_info, dest, src->rsv.values[i], i); 116 } 117 118 static void qgroup_rsv_release_by_qgroup(struct btrfs_fs_info *fs_info, 119 struct btrfs_qgroup *dest, 120 const struct btrfs_qgroup *src) 121 { 122 int i; 123 124 for (i = 0; i < BTRFS_QGROUP_RSV_LAST; i++) 125 qgroup_rsv_release(fs_info, dest, src->rsv.values[i], i); 126 } 127 128 static void btrfs_qgroup_update_old_refcnt(struct btrfs_qgroup *qg, u64 seq, 129 int mod) 130 { 131 if (qg->old_refcnt < seq) 132 qg->old_refcnt = seq; 133 qg->old_refcnt += mod; 134 } 135 136 static void btrfs_qgroup_update_new_refcnt(struct btrfs_qgroup *qg, u64 seq, 137 int mod) 138 { 139 if (qg->new_refcnt < seq) 140 qg->new_refcnt = seq; 141 qg->new_refcnt += mod; 142 } 143 144 static inline u64 btrfs_qgroup_get_old_refcnt(const struct btrfs_qgroup *qg, u64 seq) 145 { 146 if (qg->old_refcnt < seq) 147 return 0; 148 return qg->old_refcnt - seq; 149 } 150 151 static inline u64 btrfs_qgroup_get_new_refcnt(const struct btrfs_qgroup *qg, u64 seq) 152 { 153 if (qg->new_refcnt < seq) 154 return 0; 155 return qg->new_refcnt - seq; 156 } 157 158 static int 159 qgroup_rescan_init(struct btrfs_fs_info *fs_info, u64 progress_objectid, 160 int init_flags); 161 static void qgroup_rescan_zero_tracking(struct btrfs_fs_info *fs_info); 162 163 /* must be called with qgroup_ioctl_lock held */ 164 static struct btrfs_qgroup *find_qgroup_rb(const struct btrfs_fs_info *fs_info, 165 u64 qgroupid) 166 { 167 struct rb_node *n = fs_info->qgroup_tree.rb_node; 168 struct btrfs_qgroup *qgroup; 169 170 while (n) { 171 qgroup = rb_entry(n, struct btrfs_qgroup, node); 172 if (qgroup->qgroupid < qgroupid) 173 n = n->rb_left; 174 else if (qgroup->qgroupid > qgroupid) 175 n = n->rb_right; 176 else 177 return qgroup; 178 } 179 return NULL; 180 } 181 182 /* 183 * Add qgroup to the filesystem's qgroup tree. 184 * 185 * Must be called with qgroup_lock held and @prealloc preallocated. 186 * 187 * The control on the lifespan of @prealloc would be transferred to this 188 * function, thus caller should no longer touch @prealloc. 189 */ 190 static struct btrfs_qgroup *add_qgroup_rb(struct btrfs_fs_info *fs_info, 191 struct btrfs_qgroup *prealloc, 192 u64 qgroupid) 193 { 194 struct rb_node **p = &fs_info->qgroup_tree.rb_node; 195 struct rb_node *parent = NULL; 196 struct btrfs_qgroup *qgroup; 197 198 /* Caller must have pre-allocated @prealloc. */ 199 ASSERT(prealloc); 200 201 while (*p) { 202 parent = *p; 203 qgroup = rb_entry(parent, struct btrfs_qgroup, node); 204 205 if (qgroup->qgroupid < qgroupid) { 206 p = &(*p)->rb_left; 207 } else if (qgroup->qgroupid > qgroupid) { 208 p = &(*p)->rb_right; 209 } else { 210 kfree(prealloc); 211 return qgroup; 212 } 213 } 214 215 qgroup = prealloc; 216 qgroup->qgroupid = qgroupid; 217 INIT_LIST_HEAD(&qgroup->groups); 218 INIT_LIST_HEAD(&qgroup->members); 219 INIT_LIST_HEAD(&qgroup->dirty); 220 INIT_LIST_HEAD(&qgroup->iterator); 221 INIT_LIST_HEAD(&qgroup->nested_iterator); 222 223 rb_link_node(&qgroup->node, parent, p); 224 rb_insert_color(&qgroup->node, &fs_info->qgroup_tree); 225 226 return qgroup; 227 } 228 229 static void __del_qgroup_rb(struct btrfs_qgroup *qgroup) 230 { 231 struct btrfs_qgroup_list *list; 232 233 list_del(&qgroup->dirty); 234 while (!list_empty(&qgroup->groups)) { 235 list = list_first_entry(&qgroup->groups, 236 struct btrfs_qgroup_list, next_group); 237 list_del(&list->next_group); 238 list_del(&list->next_member); 239 kfree(list); 240 } 241 242 while (!list_empty(&qgroup->members)) { 243 list = list_first_entry(&qgroup->members, 244 struct btrfs_qgroup_list, next_member); 245 list_del(&list->next_group); 246 list_del(&list->next_member); 247 kfree(list); 248 } 249 } 250 251 /* must be called with qgroup_lock held */ 252 static int del_qgroup_rb(struct btrfs_fs_info *fs_info, u64 qgroupid) 253 { 254 struct btrfs_qgroup *qgroup = find_qgroup_rb(fs_info, qgroupid); 255 256 if (!qgroup) 257 return -ENOENT; 258 259 rb_erase(&qgroup->node, &fs_info->qgroup_tree); 260 __del_qgroup_rb(qgroup); 261 return 0; 262 } 263 264 /* 265 * Add relation specified by two qgroups. 266 * 267 * Must be called with qgroup_lock held, the ownership of @prealloc is 268 * transferred to this function and caller should not touch it anymore. 269 * 270 * Return: 0 on success 271 * -ENOENT if one of the qgroups is NULL 272 * <0 other errors 273 */ 274 static int __add_relation_rb(struct btrfs_qgroup_list *prealloc, 275 struct btrfs_qgroup *member, 276 struct btrfs_qgroup *parent) 277 { 278 if (!member || !parent) { 279 kfree(prealloc); 280 return -ENOENT; 281 } 282 283 prealloc->group = parent; 284 prealloc->member = member; 285 list_add_tail(&prealloc->next_group, &member->groups); 286 list_add_tail(&prealloc->next_member, &parent->members); 287 288 return 0; 289 } 290 291 /* 292 * Add relation specified by two qgroup ids. 293 * 294 * Must be called with qgroup_lock held. 295 * 296 * Return: 0 on success 297 * -ENOENT if one of the ids does not exist 298 * <0 other errors 299 */ 300 static int add_relation_rb(struct btrfs_fs_info *fs_info, 301 struct btrfs_qgroup_list *prealloc, 302 u64 memberid, u64 parentid) 303 { 304 struct btrfs_qgroup *member; 305 struct btrfs_qgroup *parent; 306 307 member = find_qgroup_rb(fs_info, memberid); 308 parent = find_qgroup_rb(fs_info, parentid); 309 310 return __add_relation_rb(prealloc, member, parent); 311 } 312 313 /* Must be called with qgroup_lock held */ 314 static int del_relation_rb(struct btrfs_fs_info *fs_info, 315 u64 memberid, u64 parentid) 316 { 317 struct btrfs_qgroup *member; 318 struct btrfs_qgroup *parent; 319 struct btrfs_qgroup_list *list; 320 321 member = find_qgroup_rb(fs_info, memberid); 322 parent = find_qgroup_rb(fs_info, parentid); 323 if (!member || !parent) 324 return -ENOENT; 325 326 list_for_each_entry(list, &member->groups, next_group) { 327 if (list->group == parent) { 328 list_del(&list->next_group); 329 list_del(&list->next_member); 330 kfree(list); 331 return 0; 332 } 333 } 334 return -ENOENT; 335 } 336 337 #ifdef CONFIG_BTRFS_FS_RUN_SANITY_TESTS 338 int btrfs_verify_qgroup_counts(const struct btrfs_fs_info *fs_info, u64 qgroupid, 339 u64 rfer, u64 excl) 340 { 341 struct btrfs_qgroup *qgroup; 342 343 qgroup = find_qgroup_rb(fs_info, qgroupid); 344 if (!qgroup) 345 return -EINVAL; 346 if (qgroup->rfer != rfer || qgroup->excl != excl) 347 return -EINVAL; 348 return 0; 349 } 350 #endif 351 352 static void qgroup_mark_inconsistent(struct btrfs_fs_info *fs_info) 353 { 354 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE) 355 return; 356 fs_info->qgroup_flags |= (BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT | 357 BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN | 358 BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING); 359 } 360 361 static void qgroup_read_enable_gen(struct btrfs_fs_info *fs_info, 362 struct extent_buffer *leaf, int slot, 363 struct btrfs_qgroup_status_item *ptr) 364 { 365 ASSERT(btrfs_fs_incompat(fs_info, SIMPLE_QUOTA)); 366 ASSERT(btrfs_item_size(leaf, slot) >= sizeof(*ptr)); 367 fs_info->qgroup_enable_gen = btrfs_qgroup_status_enable_gen(leaf, ptr); 368 } 369 370 /* 371 * The full config is read in one go, only called from open_ctree() 372 * It doesn't use any locking, as at this point we're still single-threaded 373 */ 374 int btrfs_read_qgroup_config(struct btrfs_fs_info *fs_info) 375 { 376 struct btrfs_key key; 377 struct btrfs_key found_key; 378 struct btrfs_root *quota_root = fs_info->quota_root; 379 struct btrfs_path *path = NULL; 380 struct extent_buffer *l; 381 int slot; 382 int ret = 0; 383 u64 flags = 0; 384 u64 rescan_progress = 0; 385 386 if (!fs_info->quota_root) 387 return 0; 388 389 fs_info->qgroup_ulist = ulist_alloc(GFP_KERNEL); 390 if (!fs_info->qgroup_ulist) { 391 ret = -ENOMEM; 392 goto out; 393 } 394 395 path = btrfs_alloc_path(); 396 if (!path) { 397 ret = -ENOMEM; 398 goto out; 399 } 400 401 ret = btrfs_sysfs_add_qgroups(fs_info); 402 if (ret < 0) 403 goto out; 404 /* default this to quota off, in case no status key is found */ 405 fs_info->qgroup_flags = 0; 406 407 /* 408 * pass 1: read status, all qgroup infos and limits 409 */ 410 key.objectid = 0; 411 key.type = 0; 412 key.offset = 0; 413 ret = btrfs_search_slot_for_read(quota_root, &key, path, 1, 1); 414 if (ret) 415 goto out; 416 417 while (1) { 418 struct btrfs_qgroup *qgroup; 419 420 slot = path->slots[0]; 421 l = path->nodes[0]; 422 btrfs_item_key_to_cpu(l, &found_key, slot); 423 424 if (found_key.type == BTRFS_QGROUP_STATUS_KEY) { 425 struct btrfs_qgroup_status_item *ptr; 426 427 ptr = btrfs_item_ptr(l, slot, 428 struct btrfs_qgroup_status_item); 429 430 if (btrfs_qgroup_status_version(l, ptr) != 431 BTRFS_QGROUP_STATUS_VERSION) { 432 btrfs_err(fs_info, 433 "old qgroup version, quota disabled"); 434 goto out; 435 } 436 fs_info->qgroup_flags = btrfs_qgroup_status_flags(l, ptr); 437 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE) { 438 qgroup_read_enable_gen(fs_info, l, slot, ptr); 439 } else if (btrfs_qgroup_status_generation(l, ptr) != fs_info->generation) { 440 qgroup_mark_inconsistent(fs_info); 441 btrfs_err(fs_info, 442 "qgroup generation mismatch, marked as inconsistent"); 443 } 444 rescan_progress = btrfs_qgroup_status_rescan(l, ptr); 445 goto next1; 446 } 447 448 if (found_key.type != BTRFS_QGROUP_INFO_KEY && 449 found_key.type != BTRFS_QGROUP_LIMIT_KEY) 450 goto next1; 451 452 qgroup = find_qgroup_rb(fs_info, found_key.offset); 453 if ((qgroup && found_key.type == BTRFS_QGROUP_INFO_KEY) || 454 (!qgroup && found_key.type == BTRFS_QGROUP_LIMIT_KEY)) { 455 btrfs_err(fs_info, "inconsistent qgroup config"); 456 qgroup_mark_inconsistent(fs_info); 457 } 458 if (!qgroup) { 459 struct btrfs_qgroup *prealloc; 460 struct btrfs_root *tree_root = fs_info->tree_root; 461 462 prealloc = kzalloc(sizeof(*prealloc), GFP_KERNEL); 463 if (!prealloc) { 464 ret = -ENOMEM; 465 goto out; 466 } 467 qgroup = add_qgroup_rb(fs_info, prealloc, found_key.offset); 468 /* 469 * If a qgroup exists for a subvolume ID, it is possible 470 * that subvolume has been deleted, in which case 471 * reusing that ID would lead to incorrect accounting. 472 * 473 * Ensure that we skip any such subvol ids. 474 * 475 * We don't need to lock because this is only called 476 * during mount before we start doing things like creating 477 * subvolumes. 478 */ 479 if (is_fstree(qgroup->qgroupid) && 480 qgroup->qgroupid > tree_root->free_objectid) 481 /* 482 * Don't need to check against BTRFS_LAST_FREE_OBJECTID, 483 * as it will get checked on the next call to 484 * btrfs_get_free_objectid. 485 */ 486 tree_root->free_objectid = qgroup->qgroupid + 1; 487 } 488 ret = btrfs_sysfs_add_one_qgroup(fs_info, qgroup); 489 if (ret < 0) 490 goto out; 491 492 switch (found_key.type) { 493 case BTRFS_QGROUP_INFO_KEY: { 494 struct btrfs_qgroup_info_item *ptr; 495 496 ptr = btrfs_item_ptr(l, slot, 497 struct btrfs_qgroup_info_item); 498 qgroup->rfer = btrfs_qgroup_info_rfer(l, ptr); 499 qgroup->rfer_cmpr = btrfs_qgroup_info_rfer_cmpr(l, ptr); 500 qgroup->excl = btrfs_qgroup_info_excl(l, ptr); 501 qgroup->excl_cmpr = btrfs_qgroup_info_excl_cmpr(l, ptr); 502 /* generation currently unused */ 503 break; 504 } 505 case BTRFS_QGROUP_LIMIT_KEY: { 506 struct btrfs_qgroup_limit_item *ptr; 507 508 ptr = btrfs_item_ptr(l, slot, 509 struct btrfs_qgroup_limit_item); 510 qgroup->lim_flags = btrfs_qgroup_limit_flags(l, ptr); 511 qgroup->max_rfer = btrfs_qgroup_limit_max_rfer(l, ptr); 512 qgroup->max_excl = btrfs_qgroup_limit_max_excl(l, ptr); 513 qgroup->rsv_rfer = btrfs_qgroup_limit_rsv_rfer(l, ptr); 514 qgroup->rsv_excl = btrfs_qgroup_limit_rsv_excl(l, ptr); 515 break; 516 } 517 } 518 next1: 519 ret = btrfs_next_item(quota_root, path); 520 if (ret < 0) 521 goto out; 522 if (ret) 523 break; 524 } 525 btrfs_release_path(path); 526 527 /* 528 * pass 2: read all qgroup relations 529 */ 530 key.objectid = 0; 531 key.type = BTRFS_QGROUP_RELATION_KEY; 532 key.offset = 0; 533 ret = btrfs_search_slot_for_read(quota_root, &key, path, 1, 0); 534 if (ret) 535 goto out; 536 while (1) { 537 struct btrfs_qgroup_list *list = NULL; 538 539 slot = path->slots[0]; 540 l = path->nodes[0]; 541 btrfs_item_key_to_cpu(l, &found_key, slot); 542 543 if (found_key.type != BTRFS_QGROUP_RELATION_KEY) 544 goto next2; 545 546 if (found_key.objectid > found_key.offset) { 547 /* parent <- member, not needed to build config */ 548 /* FIXME should we omit the key completely? */ 549 goto next2; 550 } 551 552 list = kzalloc(sizeof(*list), GFP_KERNEL); 553 if (!list) { 554 ret = -ENOMEM; 555 goto out; 556 } 557 ret = add_relation_rb(fs_info, list, found_key.objectid, 558 found_key.offset); 559 list = NULL; 560 if (ret == -ENOENT) { 561 btrfs_warn(fs_info, 562 "orphan qgroup relation 0x%llx->0x%llx", 563 found_key.objectid, found_key.offset); 564 ret = 0; /* ignore the error */ 565 } 566 if (ret) 567 goto out; 568 next2: 569 ret = btrfs_next_item(quota_root, path); 570 if (ret < 0) 571 goto out; 572 if (ret) 573 break; 574 } 575 out: 576 btrfs_free_path(path); 577 fs_info->qgroup_flags |= flags; 578 if (ret >= 0) { 579 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_ON) 580 set_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags); 581 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN) 582 ret = qgroup_rescan_init(fs_info, rescan_progress, 0); 583 } else { 584 ulist_free(fs_info->qgroup_ulist); 585 fs_info->qgroup_ulist = NULL; 586 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_RESCAN; 587 btrfs_sysfs_del_qgroups(fs_info); 588 } 589 590 return ret < 0 ? ret : 0; 591 } 592 593 /* 594 * Called in close_ctree() when quota is still enabled. This verifies we don't 595 * leak some reserved space. 596 * 597 * Return false if no reserved space is left. 598 * Return true if some reserved space is leaked. 599 */ 600 bool btrfs_check_quota_leak(const struct btrfs_fs_info *fs_info) 601 { 602 struct rb_node *node; 603 bool ret = false; 604 605 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED) 606 return ret; 607 /* 608 * Since we're unmounting, there is no race and no need to grab qgroup 609 * lock. And here we don't go post-order to provide a more user 610 * friendly sorted result. 611 */ 612 for (node = rb_first(&fs_info->qgroup_tree); node; node = rb_next(node)) { 613 struct btrfs_qgroup *qgroup; 614 int i; 615 616 qgroup = rb_entry(node, struct btrfs_qgroup, node); 617 for (i = 0; i < BTRFS_QGROUP_RSV_LAST; i++) { 618 if (qgroup->rsv.values[i]) { 619 ret = true; 620 btrfs_warn(fs_info, 621 "qgroup %hu/%llu has unreleased space, type %d rsv %llu", 622 btrfs_qgroup_level(qgroup->qgroupid), 623 btrfs_qgroup_subvolid(qgroup->qgroupid), 624 i, qgroup->rsv.values[i]); 625 } 626 } 627 } 628 return ret; 629 } 630 631 /* 632 * This is called from close_ctree() or open_ctree() or btrfs_quota_disable(), 633 * first two are in single-threaded paths.And for the third one, we have set 634 * quota_root to be null with qgroup_lock held before, so it is safe to clean 635 * up the in-memory structures without qgroup_lock held. 636 */ 637 void btrfs_free_qgroup_config(struct btrfs_fs_info *fs_info) 638 { 639 struct rb_node *n; 640 struct btrfs_qgroup *qgroup; 641 642 while ((n = rb_first(&fs_info->qgroup_tree))) { 643 qgroup = rb_entry(n, struct btrfs_qgroup, node); 644 rb_erase(n, &fs_info->qgroup_tree); 645 __del_qgroup_rb(qgroup); 646 btrfs_sysfs_del_one_qgroup(fs_info, qgroup); 647 kfree(qgroup); 648 } 649 /* 650 * We call btrfs_free_qgroup_config() when unmounting 651 * filesystem and disabling quota, so we set qgroup_ulist 652 * to be null here to avoid double free. 653 */ 654 ulist_free(fs_info->qgroup_ulist); 655 fs_info->qgroup_ulist = NULL; 656 btrfs_sysfs_del_qgroups(fs_info); 657 } 658 659 static int add_qgroup_relation_item(struct btrfs_trans_handle *trans, u64 src, 660 u64 dst) 661 { 662 int ret; 663 struct btrfs_root *quota_root = trans->fs_info->quota_root; 664 struct btrfs_path *path; 665 struct btrfs_key key; 666 667 path = btrfs_alloc_path(); 668 if (!path) 669 return -ENOMEM; 670 671 key.objectid = src; 672 key.type = BTRFS_QGROUP_RELATION_KEY; 673 key.offset = dst; 674 675 ret = btrfs_insert_empty_item(trans, quota_root, path, &key, 0); 676 btrfs_free_path(path); 677 return ret; 678 } 679 680 static int del_qgroup_relation_item(struct btrfs_trans_handle *trans, u64 src, 681 u64 dst) 682 { 683 int ret; 684 struct btrfs_root *quota_root = trans->fs_info->quota_root; 685 struct btrfs_path *path; 686 struct btrfs_key key; 687 688 path = btrfs_alloc_path(); 689 if (!path) 690 return -ENOMEM; 691 692 key.objectid = src; 693 key.type = BTRFS_QGROUP_RELATION_KEY; 694 key.offset = dst; 695 696 ret = btrfs_search_slot(trans, quota_root, &key, path, -1, 1); 697 if (ret < 0) 698 goto out; 699 700 if (ret > 0) { 701 ret = -ENOENT; 702 goto out; 703 } 704 705 ret = btrfs_del_item(trans, quota_root, path); 706 out: 707 btrfs_free_path(path); 708 return ret; 709 } 710 711 static int add_qgroup_item(struct btrfs_trans_handle *trans, 712 struct btrfs_root *quota_root, u64 qgroupid) 713 { 714 int ret; 715 struct btrfs_path *path; 716 struct btrfs_qgroup_info_item *qgroup_info; 717 struct btrfs_qgroup_limit_item *qgroup_limit; 718 struct extent_buffer *leaf; 719 struct btrfs_key key; 720 721 if (btrfs_is_testing(quota_root->fs_info)) 722 return 0; 723 724 path = btrfs_alloc_path(); 725 if (!path) 726 return -ENOMEM; 727 728 key.objectid = 0; 729 key.type = BTRFS_QGROUP_INFO_KEY; 730 key.offset = qgroupid; 731 732 /* 733 * Avoid a transaction abort by catching -EEXIST here. In that 734 * case, we proceed by re-initializing the existing structure 735 * on disk. 736 */ 737 738 ret = btrfs_insert_empty_item(trans, quota_root, path, &key, 739 sizeof(*qgroup_info)); 740 if (ret && ret != -EEXIST) 741 goto out; 742 743 leaf = path->nodes[0]; 744 qgroup_info = btrfs_item_ptr(leaf, path->slots[0], 745 struct btrfs_qgroup_info_item); 746 btrfs_set_qgroup_info_generation(leaf, qgroup_info, trans->transid); 747 btrfs_set_qgroup_info_rfer(leaf, qgroup_info, 0); 748 btrfs_set_qgroup_info_rfer_cmpr(leaf, qgroup_info, 0); 749 btrfs_set_qgroup_info_excl(leaf, qgroup_info, 0); 750 btrfs_set_qgroup_info_excl_cmpr(leaf, qgroup_info, 0); 751 752 btrfs_release_path(path); 753 754 key.type = BTRFS_QGROUP_LIMIT_KEY; 755 ret = btrfs_insert_empty_item(trans, quota_root, path, &key, 756 sizeof(*qgroup_limit)); 757 if (ret && ret != -EEXIST) 758 goto out; 759 760 leaf = path->nodes[0]; 761 qgroup_limit = btrfs_item_ptr(leaf, path->slots[0], 762 struct btrfs_qgroup_limit_item); 763 btrfs_set_qgroup_limit_flags(leaf, qgroup_limit, 0); 764 btrfs_set_qgroup_limit_max_rfer(leaf, qgroup_limit, 0); 765 btrfs_set_qgroup_limit_max_excl(leaf, qgroup_limit, 0); 766 btrfs_set_qgroup_limit_rsv_rfer(leaf, qgroup_limit, 0); 767 btrfs_set_qgroup_limit_rsv_excl(leaf, qgroup_limit, 0); 768 769 ret = 0; 770 out: 771 btrfs_free_path(path); 772 return ret; 773 } 774 775 static int del_qgroup_item(struct btrfs_trans_handle *trans, u64 qgroupid) 776 { 777 int ret; 778 struct btrfs_root *quota_root = trans->fs_info->quota_root; 779 struct btrfs_path *path; 780 struct btrfs_key key; 781 782 path = btrfs_alloc_path(); 783 if (!path) 784 return -ENOMEM; 785 786 key.objectid = 0; 787 key.type = BTRFS_QGROUP_INFO_KEY; 788 key.offset = qgroupid; 789 ret = btrfs_search_slot(trans, quota_root, &key, path, -1, 1); 790 if (ret < 0) 791 goto out; 792 793 if (ret > 0) { 794 ret = -ENOENT; 795 goto out; 796 } 797 798 ret = btrfs_del_item(trans, quota_root, path); 799 if (ret) 800 goto out; 801 802 btrfs_release_path(path); 803 804 key.type = BTRFS_QGROUP_LIMIT_KEY; 805 ret = btrfs_search_slot(trans, quota_root, &key, path, -1, 1); 806 if (ret < 0) 807 goto out; 808 809 if (ret > 0) { 810 ret = -ENOENT; 811 goto out; 812 } 813 814 ret = btrfs_del_item(trans, quota_root, path); 815 816 out: 817 btrfs_free_path(path); 818 return ret; 819 } 820 821 static int update_qgroup_limit_item(struct btrfs_trans_handle *trans, 822 struct btrfs_qgroup *qgroup) 823 { 824 struct btrfs_root *quota_root = trans->fs_info->quota_root; 825 struct btrfs_path *path; 826 struct btrfs_key key; 827 struct extent_buffer *l; 828 struct btrfs_qgroup_limit_item *qgroup_limit; 829 int ret; 830 int slot; 831 832 key.objectid = 0; 833 key.type = BTRFS_QGROUP_LIMIT_KEY; 834 key.offset = qgroup->qgroupid; 835 836 path = btrfs_alloc_path(); 837 if (!path) 838 return -ENOMEM; 839 840 ret = btrfs_search_slot(trans, quota_root, &key, path, 0, 1); 841 if (ret > 0) 842 ret = -ENOENT; 843 844 if (ret) 845 goto out; 846 847 l = path->nodes[0]; 848 slot = path->slots[0]; 849 qgroup_limit = btrfs_item_ptr(l, slot, struct btrfs_qgroup_limit_item); 850 btrfs_set_qgroup_limit_flags(l, qgroup_limit, qgroup->lim_flags); 851 btrfs_set_qgroup_limit_max_rfer(l, qgroup_limit, qgroup->max_rfer); 852 btrfs_set_qgroup_limit_max_excl(l, qgroup_limit, qgroup->max_excl); 853 btrfs_set_qgroup_limit_rsv_rfer(l, qgroup_limit, qgroup->rsv_rfer); 854 btrfs_set_qgroup_limit_rsv_excl(l, qgroup_limit, qgroup->rsv_excl); 855 out: 856 btrfs_free_path(path); 857 return ret; 858 } 859 860 static int update_qgroup_info_item(struct btrfs_trans_handle *trans, 861 struct btrfs_qgroup *qgroup) 862 { 863 struct btrfs_fs_info *fs_info = trans->fs_info; 864 struct btrfs_root *quota_root = fs_info->quota_root; 865 struct btrfs_path *path; 866 struct btrfs_key key; 867 struct extent_buffer *l; 868 struct btrfs_qgroup_info_item *qgroup_info; 869 int ret; 870 int slot; 871 872 if (btrfs_is_testing(fs_info)) 873 return 0; 874 875 key.objectid = 0; 876 key.type = BTRFS_QGROUP_INFO_KEY; 877 key.offset = qgroup->qgroupid; 878 879 path = btrfs_alloc_path(); 880 if (!path) 881 return -ENOMEM; 882 883 ret = btrfs_search_slot(trans, quota_root, &key, path, 0, 1); 884 if (ret > 0) 885 ret = -ENOENT; 886 887 if (ret) 888 goto out; 889 890 l = path->nodes[0]; 891 slot = path->slots[0]; 892 qgroup_info = btrfs_item_ptr(l, slot, struct btrfs_qgroup_info_item); 893 btrfs_set_qgroup_info_generation(l, qgroup_info, trans->transid); 894 btrfs_set_qgroup_info_rfer(l, qgroup_info, qgroup->rfer); 895 btrfs_set_qgroup_info_rfer_cmpr(l, qgroup_info, qgroup->rfer_cmpr); 896 btrfs_set_qgroup_info_excl(l, qgroup_info, qgroup->excl); 897 btrfs_set_qgroup_info_excl_cmpr(l, qgroup_info, qgroup->excl_cmpr); 898 out: 899 btrfs_free_path(path); 900 return ret; 901 } 902 903 static int update_qgroup_status_item(struct btrfs_trans_handle *trans) 904 { 905 struct btrfs_fs_info *fs_info = trans->fs_info; 906 struct btrfs_root *quota_root = fs_info->quota_root; 907 struct btrfs_path *path; 908 struct btrfs_key key; 909 struct extent_buffer *l; 910 struct btrfs_qgroup_status_item *ptr; 911 int ret; 912 int slot; 913 914 key.objectid = 0; 915 key.type = BTRFS_QGROUP_STATUS_KEY; 916 key.offset = 0; 917 918 path = btrfs_alloc_path(); 919 if (!path) 920 return -ENOMEM; 921 922 ret = btrfs_search_slot(trans, quota_root, &key, path, 0, 1); 923 if (ret > 0) 924 ret = -ENOENT; 925 926 if (ret) 927 goto out; 928 929 l = path->nodes[0]; 930 slot = path->slots[0]; 931 ptr = btrfs_item_ptr(l, slot, struct btrfs_qgroup_status_item); 932 btrfs_set_qgroup_status_flags(l, ptr, fs_info->qgroup_flags & 933 BTRFS_QGROUP_STATUS_FLAGS_MASK); 934 btrfs_set_qgroup_status_generation(l, ptr, trans->transid); 935 btrfs_set_qgroup_status_rescan(l, ptr, 936 fs_info->qgroup_rescan_progress.objectid); 937 out: 938 btrfs_free_path(path); 939 return ret; 940 } 941 942 /* 943 * called with qgroup_lock held 944 */ 945 static int btrfs_clean_quota_tree(struct btrfs_trans_handle *trans, 946 struct btrfs_root *root) 947 { 948 struct btrfs_path *path; 949 struct btrfs_key key; 950 struct extent_buffer *leaf = NULL; 951 int ret; 952 int nr = 0; 953 954 path = btrfs_alloc_path(); 955 if (!path) 956 return -ENOMEM; 957 958 key.objectid = 0; 959 key.type = 0; 960 key.offset = 0; 961 962 while (1) { 963 ret = btrfs_search_slot(trans, root, &key, path, -1, 1); 964 if (ret < 0) 965 goto out; 966 leaf = path->nodes[0]; 967 nr = btrfs_header_nritems(leaf); 968 if (!nr) 969 break; 970 /* 971 * delete the leaf one by one 972 * since the whole tree is going 973 * to be deleted. 974 */ 975 path->slots[0] = 0; 976 ret = btrfs_del_items(trans, root, path, 0, nr); 977 if (ret) 978 goto out; 979 980 btrfs_release_path(path); 981 } 982 ret = 0; 983 out: 984 btrfs_free_path(path); 985 return ret; 986 } 987 988 int btrfs_quota_enable(struct btrfs_fs_info *fs_info, 989 struct btrfs_ioctl_quota_ctl_args *quota_ctl_args) 990 { 991 struct btrfs_root *quota_root; 992 struct btrfs_root *tree_root = fs_info->tree_root; 993 struct btrfs_path *path = NULL; 994 struct btrfs_qgroup_status_item *ptr; 995 struct extent_buffer *leaf; 996 struct btrfs_key key; 997 struct btrfs_key found_key; 998 struct btrfs_qgroup *qgroup = NULL; 999 struct btrfs_qgroup *prealloc = NULL; 1000 struct btrfs_trans_handle *trans = NULL; 1001 struct ulist *ulist = NULL; 1002 const bool simple = (quota_ctl_args->cmd == BTRFS_QUOTA_CTL_ENABLE_SIMPLE_QUOTA); 1003 int ret = 0; 1004 int slot; 1005 1006 /* 1007 * We need to have subvol_sem write locked, to prevent races between 1008 * concurrent tasks trying to enable quotas, because we will unlock 1009 * and relock qgroup_ioctl_lock before setting fs_info->quota_root 1010 * and before setting BTRFS_FS_QUOTA_ENABLED. 1011 */ 1012 lockdep_assert_held_write(&fs_info->subvol_sem); 1013 1014 if (btrfs_fs_incompat(fs_info, EXTENT_TREE_V2)) { 1015 btrfs_err(fs_info, 1016 "qgroups are currently unsupported in extent tree v2"); 1017 return -EINVAL; 1018 } 1019 1020 mutex_lock(&fs_info->qgroup_ioctl_lock); 1021 if (fs_info->quota_root) 1022 goto out; 1023 1024 ulist = ulist_alloc(GFP_KERNEL); 1025 if (!ulist) { 1026 ret = -ENOMEM; 1027 goto out; 1028 } 1029 1030 ret = btrfs_sysfs_add_qgroups(fs_info); 1031 if (ret < 0) 1032 goto out; 1033 1034 /* 1035 * Unlock qgroup_ioctl_lock before starting the transaction. This is to 1036 * avoid lock acquisition inversion problems (reported by lockdep) between 1037 * qgroup_ioctl_lock and the vfs freeze semaphores, acquired when we 1038 * start a transaction. 1039 * After we started the transaction lock qgroup_ioctl_lock again and 1040 * check if someone else created the quota root in the meanwhile. If so, 1041 * just return success and release the transaction handle. 1042 * 1043 * Also we don't need to worry about someone else calling 1044 * btrfs_sysfs_add_qgroups() after we unlock and getting an error because 1045 * that function returns 0 (success) when the sysfs entries already exist. 1046 */ 1047 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1048 1049 /* 1050 * 1 for quota root item 1051 * 1 for BTRFS_QGROUP_STATUS item 1052 * 1053 * Yet we also need 2*n items for a QGROUP_INFO/QGROUP_LIMIT items 1054 * per subvolume. However those are not currently reserved since it 1055 * would be a lot of overkill. 1056 */ 1057 trans = btrfs_start_transaction(tree_root, 2); 1058 1059 mutex_lock(&fs_info->qgroup_ioctl_lock); 1060 if (IS_ERR(trans)) { 1061 ret = PTR_ERR(trans); 1062 trans = NULL; 1063 goto out; 1064 } 1065 1066 if (fs_info->quota_root) 1067 goto out; 1068 1069 fs_info->qgroup_ulist = ulist; 1070 ulist = NULL; 1071 1072 /* 1073 * initially create the quota tree 1074 */ 1075 quota_root = btrfs_create_tree(trans, BTRFS_QUOTA_TREE_OBJECTID); 1076 if (IS_ERR(quota_root)) { 1077 ret = PTR_ERR(quota_root); 1078 btrfs_abort_transaction(trans, ret); 1079 goto out; 1080 } 1081 1082 path = btrfs_alloc_path(); 1083 if (!path) { 1084 ret = -ENOMEM; 1085 btrfs_abort_transaction(trans, ret); 1086 goto out_free_root; 1087 } 1088 1089 key.objectid = 0; 1090 key.type = BTRFS_QGROUP_STATUS_KEY; 1091 key.offset = 0; 1092 1093 ret = btrfs_insert_empty_item(trans, quota_root, path, &key, 1094 sizeof(*ptr)); 1095 if (ret) { 1096 btrfs_abort_transaction(trans, ret); 1097 goto out_free_path; 1098 } 1099 1100 leaf = path->nodes[0]; 1101 ptr = btrfs_item_ptr(leaf, path->slots[0], 1102 struct btrfs_qgroup_status_item); 1103 btrfs_set_qgroup_status_generation(leaf, ptr, trans->transid); 1104 btrfs_set_qgroup_status_version(leaf, ptr, BTRFS_QGROUP_STATUS_VERSION); 1105 fs_info->qgroup_flags = BTRFS_QGROUP_STATUS_FLAG_ON; 1106 if (simple) { 1107 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE; 1108 btrfs_set_fs_incompat(fs_info, SIMPLE_QUOTA); 1109 btrfs_set_qgroup_status_enable_gen(leaf, ptr, trans->transid); 1110 } else { 1111 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT; 1112 } 1113 btrfs_set_qgroup_status_flags(leaf, ptr, fs_info->qgroup_flags & 1114 BTRFS_QGROUP_STATUS_FLAGS_MASK); 1115 btrfs_set_qgroup_status_rescan(leaf, ptr, 0); 1116 1117 key.objectid = 0; 1118 key.type = BTRFS_ROOT_REF_KEY; 1119 key.offset = 0; 1120 1121 btrfs_release_path(path); 1122 ret = btrfs_search_slot_for_read(tree_root, &key, path, 1, 0); 1123 if (ret > 0) 1124 goto out_add_root; 1125 if (ret < 0) { 1126 btrfs_abort_transaction(trans, ret); 1127 goto out_free_path; 1128 } 1129 1130 while (1) { 1131 slot = path->slots[0]; 1132 leaf = path->nodes[0]; 1133 btrfs_item_key_to_cpu(leaf, &found_key, slot); 1134 1135 if (found_key.type == BTRFS_ROOT_REF_KEY) { 1136 1137 /* Release locks on tree_root before we access quota_root */ 1138 btrfs_release_path(path); 1139 1140 /* We should not have a stray @prealloc pointer. */ 1141 ASSERT(prealloc == NULL); 1142 prealloc = kzalloc(sizeof(*prealloc), GFP_NOFS); 1143 if (!prealloc) { 1144 ret = -ENOMEM; 1145 btrfs_abort_transaction(trans, ret); 1146 goto out_free_path; 1147 } 1148 1149 ret = add_qgroup_item(trans, quota_root, 1150 found_key.offset); 1151 if (ret) { 1152 btrfs_abort_transaction(trans, ret); 1153 goto out_free_path; 1154 } 1155 1156 qgroup = add_qgroup_rb(fs_info, prealloc, found_key.offset); 1157 prealloc = NULL; 1158 if (IS_ERR(qgroup)) { 1159 ret = PTR_ERR(qgroup); 1160 btrfs_abort_transaction(trans, ret); 1161 goto out_free_path; 1162 } 1163 ret = btrfs_sysfs_add_one_qgroup(fs_info, qgroup); 1164 if (ret < 0) { 1165 btrfs_abort_transaction(trans, ret); 1166 goto out_free_path; 1167 } 1168 ret = btrfs_search_slot_for_read(tree_root, &found_key, 1169 path, 1, 0); 1170 if (ret < 0) { 1171 btrfs_abort_transaction(trans, ret); 1172 goto out_free_path; 1173 } 1174 if (ret > 0) { 1175 /* 1176 * Shouldn't happen, but in case it does we 1177 * don't need to do the btrfs_next_item, just 1178 * continue. 1179 */ 1180 continue; 1181 } 1182 } 1183 ret = btrfs_next_item(tree_root, path); 1184 if (ret < 0) { 1185 btrfs_abort_transaction(trans, ret); 1186 goto out_free_path; 1187 } 1188 if (ret) 1189 break; 1190 } 1191 1192 out_add_root: 1193 btrfs_release_path(path); 1194 ret = add_qgroup_item(trans, quota_root, BTRFS_FS_TREE_OBJECTID); 1195 if (ret) { 1196 btrfs_abort_transaction(trans, ret); 1197 goto out_free_path; 1198 } 1199 1200 ASSERT(prealloc == NULL); 1201 prealloc = kzalloc(sizeof(*prealloc), GFP_NOFS); 1202 if (!prealloc) { 1203 ret = -ENOMEM; 1204 goto out_free_path; 1205 } 1206 qgroup = add_qgroup_rb(fs_info, prealloc, BTRFS_FS_TREE_OBJECTID); 1207 prealloc = NULL; 1208 ret = btrfs_sysfs_add_one_qgroup(fs_info, qgroup); 1209 if (ret < 0) { 1210 btrfs_abort_transaction(trans, ret); 1211 goto out_free_path; 1212 } 1213 1214 fs_info->qgroup_enable_gen = trans->transid; 1215 1216 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1217 /* 1218 * Commit the transaction while not holding qgroup_ioctl_lock, to avoid 1219 * a deadlock with tasks concurrently doing other qgroup operations, such 1220 * adding/removing qgroups or adding/deleting qgroup relations for example, 1221 * because all qgroup operations first start or join a transaction and then 1222 * lock the qgroup_ioctl_lock mutex. 1223 * We are safe from a concurrent task trying to enable quotas, by calling 1224 * this function, since we are serialized by fs_info->subvol_sem. 1225 */ 1226 ret = btrfs_commit_transaction(trans); 1227 trans = NULL; 1228 mutex_lock(&fs_info->qgroup_ioctl_lock); 1229 if (ret) 1230 goto out_free_path; 1231 1232 /* 1233 * Set quota enabled flag after committing the transaction, to avoid 1234 * deadlocks on fs_info->qgroup_ioctl_lock with concurrent snapshot 1235 * creation. 1236 */ 1237 spin_lock(&fs_info->qgroup_lock); 1238 fs_info->quota_root = quota_root; 1239 set_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags); 1240 spin_unlock(&fs_info->qgroup_lock); 1241 1242 /* Skip rescan for simple qgroups. */ 1243 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE) 1244 goto out_free_path; 1245 1246 ret = qgroup_rescan_init(fs_info, 0, 1); 1247 if (!ret) { 1248 qgroup_rescan_zero_tracking(fs_info); 1249 fs_info->qgroup_rescan_running = true; 1250 btrfs_queue_work(fs_info->qgroup_rescan_workers, 1251 &fs_info->qgroup_rescan_work); 1252 } else { 1253 /* 1254 * We have set both BTRFS_FS_QUOTA_ENABLED and 1255 * BTRFS_QGROUP_STATUS_FLAG_ON, so we can only fail with 1256 * -EINPROGRESS. That can happen because someone started the 1257 * rescan worker by calling quota rescan ioctl before we 1258 * attempted to initialize the rescan worker. Failure due to 1259 * quotas disabled in the meanwhile is not possible, because 1260 * we are holding a write lock on fs_info->subvol_sem, which 1261 * is also acquired when disabling quotas. 1262 * Ignore such error, and any other error would need to undo 1263 * everything we did in the transaction we just committed. 1264 */ 1265 ASSERT(ret == -EINPROGRESS); 1266 ret = 0; 1267 } 1268 1269 out_free_path: 1270 btrfs_free_path(path); 1271 out_free_root: 1272 if (ret) 1273 btrfs_put_root(quota_root); 1274 out: 1275 if (ret) { 1276 ulist_free(fs_info->qgroup_ulist); 1277 fs_info->qgroup_ulist = NULL; 1278 btrfs_sysfs_del_qgroups(fs_info); 1279 } 1280 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1281 if (ret && trans) 1282 btrfs_end_transaction(trans); 1283 else if (trans) 1284 ret = btrfs_end_transaction(trans); 1285 ulist_free(ulist); 1286 kfree(prealloc); 1287 return ret; 1288 } 1289 1290 /* 1291 * It is possible to have outstanding ordered extents which reserved bytes 1292 * before we disabled. We need to fully flush delalloc, ordered extents, and a 1293 * commit to ensure that we don't leak such reservations, only to have them 1294 * come back if we re-enable. 1295 * 1296 * - enable simple quotas 1297 * - reserve space 1298 * - release it, store rsv_bytes in OE 1299 * - disable quotas 1300 * - enable simple quotas (qgroup rsv are all 0) 1301 * - OE finishes 1302 * - run delayed refs 1303 * - free rsv_bytes, resulting in miscounting or even underflow 1304 */ 1305 static int flush_reservations(struct btrfs_fs_info *fs_info) 1306 { 1307 int ret; 1308 1309 ret = btrfs_start_delalloc_roots(fs_info, LONG_MAX, false); 1310 if (ret) 1311 return ret; 1312 btrfs_wait_ordered_roots(fs_info, U64_MAX, NULL); 1313 1314 return btrfs_commit_current_transaction(fs_info->tree_root); 1315 } 1316 1317 int btrfs_quota_disable(struct btrfs_fs_info *fs_info) 1318 { 1319 struct btrfs_root *quota_root = NULL; 1320 struct btrfs_trans_handle *trans = NULL; 1321 int ret = 0; 1322 1323 /* 1324 * We need to have subvol_sem write locked to prevent races with 1325 * snapshot creation. 1326 */ 1327 lockdep_assert_held_write(&fs_info->subvol_sem); 1328 1329 /* 1330 * Relocation will mess with backrefs, so make sure we have the 1331 * cleaner_mutex held to protect us from relocate. 1332 */ 1333 lockdep_assert_held(&fs_info->cleaner_mutex); 1334 1335 mutex_lock(&fs_info->qgroup_ioctl_lock); 1336 if (!fs_info->quota_root) 1337 goto out; 1338 1339 /* 1340 * Unlock the qgroup_ioctl_lock mutex before waiting for the rescan worker to 1341 * complete. Otherwise we can deadlock because btrfs_remove_qgroup() needs 1342 * to lock that mutex while holding a transaction handle and the rescan 1343 * worker needs to commit a transaction. 1344 */ 1345 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1346 1347 /* 1348 * Request qgroup rescan worker to complete and wait for it. This wait 1349 * must be done before transaction start for quota disable since it may 1350 * deadlock with transaction by the qgroup rescan worker. 1351 */ 1352 clear_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags); 1353 btrfs_qgroup_wait_for_completion(fs_info, false); 1354 1355 /* 1356 * We have nothing held here and no trans handle, just return the error 1357 * if there is one. 1358 */ 1359 ret = flush_reservations(fs_info); 1360 if (ret) 1361 return ret; 1362 1363 /* 1364 * 1 For the root item 1365 * 1366 * We should also reserve enough items for the quota tree deletion in 1367 * btrfs_clean_quota_tree but this is not done. 1368 * 1369 * Also, we must always start a transaction without holding the mutex 1370 * qgroup_ioctl_lock, see btrfs_quota_enable(). 1371 */ 1372 trans = btrfs_start_transaction(fs_info->tree_root, 1); 1373 1374 mutex_lock(&fs_info->qgroup_ioctl_lock); 1375 if (IS_ERR(trans)) { 1376 ret = PTR_ERR(trans); 1377 trans = NULL; 1378 set_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags); 1379 goto out; 1380 } 1381 1382 if (!fs_info->quota_root) 1383 goto out; 1384 1385 spin_lock(&fs_info->qgroup_lock); 1386 quota_root = fs_info->quota_root; 1387 fs_info->quota_root = NULL; 1388 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_ON; 1389 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE; 1390 fs_info->qgroup_drop_subtree_thres = BTRFS_QGROUP_DROP_SUBTREE_THRES_DEFAULT; 1391 spin_unlock(&fs_info->qgroup_lock); 1392 1393 btrfs_free_qgroup_config(fs_info); 1394 1395 ret = btrfs_clean_quota_tree(trans, quota_root); 1396 if (ret) { 1397 btrfs_abort_transaction(trans, ret); 1398 goto out; 1399 } 1400 1401 ret = btrfs_del_root(trans, "a_root->root_key); 1402 if (ret) { 1403 btrfs_abort_transaction(trans, ret); 1404 goto out; 1405 } 1406 1407 spin_lock(&fs_info->trans_lock); 1408 list_del("a_root->dirty_list); 1409 spin_unlock(&fs_info->trans_lock); 1410 1411 btrfs_tree_lock(quota_root->node); 1412 btrfs_clear_buffer_dirty(trans, quota_root->node); 1413 btrfs_tree_unlock(quota_root->node); 1414 ret = btrfs_free_tree_block(trans, btrfs_root_id(quota_root), 1415 quota_root->node, 0, 1); 1416 1417 if (ret < 0) 1418 btrfs_abort_transaction(trans, ret); 1419 1420 out: 1421 btrfs_put_root(quota_root); 1422 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1423 if (ret && trans) 1424 btrfs_end_transaction(trans); 1425 else if (trans) 1426 ret = btrfs_commit_transaction(trans); 1427 return ret; 1428 } 1429 1430 static void qgroup_dirty(struct btrfs_fs_info *fs_info, 1431 struct btrfs_qgroup *qgroup) 1432 { 1433 if (list_empty(&qgroup->dirty)) 1434 list_add(&qgroup->dirty, &fs_info->dirty_qgroups); 1435 } 1436 1437 static void qgroup_iterator_add(struct list_head *head, struct btrfs_qgroup *qgroup) 1438 { 1439 if (!list_empty(&qgroup->iterator)) 1440 return; 1441 1442 list_add_tail(&qgroup->iterator, head); 1443 } 1444 1445 static void qgroup_iterator_clean(struct list_head *head) 1446 { 1447 while (!list_empty(head)) { 1448 struct btrfs_qgroup *qgroup; 1449 1450 qgroup = list_first_entry(head, struct btrfs_qgroup, iterator); 1451 list_del_init(&qgroup->iterator); 1452 } 1453 } 1454 1455 /* 1456 * The easy accounting, we're updating qgroup relationship whose child qgroup 1457 * only has exclusive extents. 1458 * 1459 * In this case, all exclusive extents will also be exclusive for parent, so 1460 * excl/rfer just get added/removed. 1461 * 1462 * So is qgroup reservation space, which should also be added/removed to 1463 * parent. 1464 * Or when child tries to release reservation space, parent will underflow its 1465 * reservation (for relationship adding case). 1466 * 1467 * Caller should hold fs_info->qgroup_lock. 1468 */ 1469 static int __qgroup_excl_accounting(struct btrfs_fs_info *fs_info, u64 ref_root, 1470 struct btrfs_qgroup *src, int sign) 1471 { 1472 struct btrfs_qgroup *qgroup; 1473 struct btrfs_qgroup *cur; 1474 LIST_HEAD(qgroup_list); 1475 u64 num_bytes = src->excl; 1476 int ret = 0; 1477 1478 qgroup = find_qgroup_rb(fs_info, ref_root); 1479 if (!qgroup) 1480 goto out; 1481 1482 qgroup_iterator_add(&qgroup_list, qgroup); 1483 list_for_each_entry(cur, &qgroup_list, iterator) { 1484 struct btrfs_qgroup_list *glist; 1485 1486 qgroup->rfer += sign * num_bytes; 1487 qgroup->rfer_cmpr += sign * num_bytes; 1488 1489 WARN_ON(sign < 0 && qgroup->excl < num_bytes); 1490 qgroup->excl += sign * num_bytes; 1491 qgroup->excl_cmpr += sign * num_bytes; 1492 1493 if (sign > 0) 1494 qgroup_rsv_add_by_qgroup(fs_info, qgroup, src); 1495 else 1496 qgroup_rsv_release_by_qgroup(fs_info, qgroup, src); 1497 qgroup_dirty(fs_info, qgroup); 1498 1499 /* Append parent qgroups to @qgroup_list. */ 1500 list_for_each_entry(glist, &qgroup->groups, next_group) 1501 qgroup_iterator_add(&qgroup_list, glist->group); 1502 } 1503 ret = 0; 1504 out: 1505 qgroup_iterator_clean(&qgroup_list); 1506 return ret; 1507 } 1508 1509 1510 /* 1511 * Quick path for updating qgroup with only excl refs. 1512 * 1513 * In that case, just update all parent will be enough. 1514 * Or we needs to do a full rescan. 1515 * Caller should also hold fs_info->qgroup_lock. 1516 * 1517 * Return 0 for quick update, return >0 for need to full rescan 1518 * and mark INCONSISTENT flag. 1519 * Return < 0 for other error. 1520 */ 1521 static int quick_update_accounting(struct btrfs_fs_info *fs_info, 1522 u64 src, u64 dst, int sign) 1523 { 1524 struct btrfs_qgroup *qgroup; 1525 int ret = 1; 1526 1527 qgroup = find_qgroup_rb(fs_info, src); 1528 if (!qgroup) 1529 goto out; 1530 if (qgroup->excl == qgroup->rfer) { 1531 ret = __qgroup_excl_accounting(fs_info, dst, qgroup, sign); 1532 if (ret < 0) 1533 goto out; 1534 ret = 0; 1535 } 1536 out: 1537 if (ret) 1538 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT; 1539 return ret; 1540 } 1541 1542 /* 1543 * Add relation between @src and @dst qgroup. The @prealloc is allocated by the 1544 * callers and transferred here (either used or freed on error). 1545 */ 1546 int btrfs_add_qgroup_relation(struct btrfs_trans_handle *trans, u64 src, u64 dst, 1547 struct btrfs_qgroup_list *prealloc) 1548 { 1549 struct btrfs_fs_info *fs_info = trans->fs_info; 1550 struct btrfs_qgroup *parent; 1551 struct btrfs_qgroup *member; 1552 struct btrfs_qgroup_list *list; 1553 int ret = 0; 1554 1555 ASSERT(prealloc); 1556 1557 /* Check the level of src and dst first */ 1558 if (btrfs_qgroup_level(src) >= btrfs_qgroup_level(dst)) 1559 return -EINVAL; 1560 1561 mutex_lock(&fs_info->qgroup_ioctl_lock); 1562 if (!fs_info->quota_root) { 1563 ret = -ENOTCONN; 1564 goto out; 1565 } 1566 member = find_qgroup_rb(fs_info, src); 1567 parent = find_qgroup_rb(fs_info, dst); 1568 if (!member || !parent) { 1569 ret = -EINVAL; 1570 goto out; 1571 } 1572 1573 /* check if such qgroup relation exist firstly */ 1574 list_for_each_entry(list, &member->groups, next_group) { 1575 if (list->group == parent) { 1576 ret = -EEXIST; 1577 goto out; 1578 } 1579 } 1580 1581 ret = add_qgroup_relation_item(trans, src, dst); 1582 if (ret) 1583 goto out; 1584 1585 ret = add_qgroup_relation_item(trans, dst, src); 1586 if (ret) { 1587 del_qgroup_relation_item(trans, src, dst); 1588 goto out; 1589 } 1590 1591 spin_lock(&fs_info->qgroup_lock); 1592 ret = __add_relation_rb(prealloc, member, parent); 1593 prealloc = NULL; 1594 if (ret < 0) { 1595 spin_unlock(&fs_info->qgroup_lock); 1596 goto out; 1597 } 1598 ret = quick_update_accounting(fs_info, src, dst, 1); 1599 spin_unlock(&fs_info->qgroup_lock); 1600 out: 1601 kfree(prealloc); 1602 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1603 return ret; 1604 } 1605 1606 static int __del_qgroup_relation(struct btrfs_trans_handle *trans, u64 src, 1607 u64 dst) 1608 { 1609 struct btrfs_fs_info *fs_info = trans->fs_info; 1610 struct btrfs_qgroup *parent; 1611 struct btrfs_qgroup *member; 1612 struct btrfs_qgroup_list *list; 1613 bool found = false; 1614 int ret = 0; 1615 int ret2; 1616 1617 if (!fs_info->quota_root) { 1618 ret = -ENOTCONN; 1619 goto out; 1620 } 1621 1622 member = find_qgroup_rb(fs_info, src); 1623 parent = find_qgroup_rb(fs_info, dst); 1624 /* 1625 * The parent/member pair doesn't exist, then try to delete the dead 1626 * relation items only. 1627 */ 1628 if (!member || !parent) 1629 goto delete_item; 1630 1631 /* check if such qgroup relation exist firstly */ 1632 list_for_each_entry(list, &member->groups, next_group) { 1633 if (list->group == parent) { 1634 found = true; 1635 break; 1636 } 1637 } 1638 1639 delete_item: 1640 ret = del_qgroup_relation_item(trans, src, dst); 1641 if (ret < 0 && ret != -ENOENT) 1642 goto out; 1643 ret2 = del_qgroup_relation_item(trans, dst, src); 1644 if (ret2 < 0 && ret2 != -ENOENT) 1645 goto out; 1646 1647 /* At least one deletion succeeded, return 0 */ 1648 if (!ret || !ret2) 1649 ret = 0; 1650 1651 if (found) { 1652 spin_lock(&fs_info->qgroup_lock); 1653 del_relation_rb(fs_info, src, dst); 1654 ret = quick_update_accounting(fs_info, src, dst, -1); 1655 spin_unlock(&fs_info->qgroup_lock); 1656 } 1657 out: 1658 return ret; 1659 } 1660 1661 int btrfs_del_qgroup_relation(struct btrfs_trans_handle *trans, u64 src, 1662 u64 dst) 1663 { 1664 struct btrfs_fs_info *fs_info = trans->fs_info; 1665 int ret = 0; 1666 1667 mutex_lock(&fs_info->qgroup_ioctl_lock); 1668 ret = __del_qgroup_relation(trans, src, dst); 1669 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1670 1671 return ret; 1672 } 1673 1674 int btrfs_create_qgroup(struct btrfs_trans_handle *trans, u64 qgroupid) 1675 { 1676 struct btrfs_fs_info *fs_info = trans->fs_info; 1677 struct btrfs_root *quota_root; 1678 struct btrfs_qgroup *qgroup; 1679 struct btrfs_qgroup *prealloc = NULL; 1680 int ret = 0; 1681 1682 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED) 1683 return 0; 1684 1685 mutex_lock(&fs_info->qgroup_ioctl_lock); 1686 if (!fs_info->quota_root) { 1687 ret = -ENOTCONN; 1688 goto out; 1689 } 1690 quota_root = fs_info->quota_root; 1691 qgroup = find_qgroup_rb(fs_info, qgroupid); 1692 if (qgroup) { 1693 ret = -EEXIST; 1694 goto out; 1695 } 1696 1697 prealloc = kzalloc(sizeof(*prealloc), GFP_NOFS); 1698 if (!prealloc) { 1699 ret = -ENOMEM; 1700 goto out; 1701 } 1702 1703 ret = add_qgroup_item(trans, quota_root, qgroupid); 1704 if (ret) 1705 goto out; 1706 1707 spin_lock(&fs_info->qgroup_lock); 1708 qgroup = add_qgroup_rb(fs_info, prealloc, qgroupid); 1709 spin_unlock(&fs_info->qgroup_lock); 1710 prealloc = NULL; 1711 1712 ret = btrfs_sysfs_add_one_qgroup(fs_info, qgroup); 1713 out: 1714 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1715 kfree(prealloc); 1716 return ret; 1717 } 1718 1719 /* 1720 * Return 0 if we can not delete the qgroup (not empty or has children etc). 1721 * Return >0 if we can delete the qgroup. 1722 * Return <0 for other errors during tree search. 1723 */ 1724 static int can_delete_qgroup(struct btrfs_fs_info *fs_info, struct btrfs_qgroup *qgroup) 1725 { 1726 struct btrfs_key key; 1727 struct btrfs_path *path; 1728 int ret; 1729 1730 /* 1731 * Squota would never be inconsistent, but there can still be case 1732 * where a dropped subvolume still has qgroup numbers, and squota 1733 * relies on such qgroup for future accounting. 1734 * 1735 * So for squota, do not allow dropping any non-zero qgroup. 1736 */ 1737 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE && 1738 (qgroup->rfer || qgroup->excl || qgroup->excl_cmpr || qgroup->rfer_cmpr)) 1739 return 0; 1740 1741 /* For higher level qgroup, we can only delete it if it has no child. */ 1742 if (btrfs_qgroup_level(qgroup->qgroupid)) { 1743 if (!list_empty(&qgroup->members)) 1744 return 0; 1745 return 1; 1746 } 1747 1748 /* 1749 * For level-0 qgroups, we can only delete it if it has no subvolume 1750 * for it. 1751 * This means even a subvolume is unlinked but not yet fully dropped, 1752 * we can not delete the qgroup. 1753 */ 1754 key.objectid = qgroup->qgroupid; 1755 key.type = BTRFS_ROOT_ITEM_KEY; 1756 key.offset = -1ULL; 1757 path = btrfs_alloc_path(); 1758 if (!path) 1759 return -ENOMEM; 1760 1761 ret = btrfs_find_root(fs_info->tree_root, &key, path, NULL, NULL); 1762 btrfs_free_path(path); 1763 /* 1764 * The @ret from btrfs_find_root() exactly matches our definition for 1765 * the return value, thus can be returned directly. 1766 */ 1767 return ret; 1768 } 1769 1770 int btrfs_remove_qgroup(struct btrfs_trans_handle *trans, u64 qgroupid) 1771 { 1772 struct btrfs_fs_info *fs_info = trans->fs_info; 1773 struct btrfs_qgroup *qgroup; 1774 struct btrfs_qgroup_list *list; 1775 int ret = 0; 1776 1777 mutex_lock(&fs_info->qgroup_ioctl_lock); 1778 if (!fs_info->quota_root) { 1779 ret = -ENOTCONN; 1780 goto out; 1781 } 1782 1783 qgroup = find_qgroup_rb(fs_info, qgroupid); 1784 if (!qgroup) { 1785 ret = -ENOENT; 1786 goto out; 1787 } 1788 1789 ret = can_delete_qgroup(fs_info, qgroup); 1790 if (ret < 0) 1791 goto out; 1792 if (ret == 0) { 1793 ret = -EBUSY; 1794 goto out; 1795 } 1796 1797 /* Check if there are no children of this qgroup */ 1798 if (!list_empty(&qgroup->members)) { 1799 ret = -EBUSY; 1800 goto out; 1801 } 1802 1803 ret = del_qgroup_item(trans, qgroupid); 1804 if (ret && ret != -ENOENT) 1805 goto out; 1806 1807 while (!list_empty(&qgroup->groups)) { 1808 list = list_first_entry(&qgroup->groups, 1809 struct btrfs_qgroup_list, next_group); 1810 ret = __del_qgroup_relation(trans, qgroupid, 1811 list->group->qgroupid); 1812 if (ret) 1813 goto out; 1814 } 1815 1816 spin_lock(&fs_info->qgroup_lock); 1817 /* 1818 * Warn on reserved space. The subvolume should has no child nor 1819 * corresponding subvolume. 1820 * Thus its reserved space should all be zero, no matter if qgroup 1821 * is consistent or the mode. 1822 */ 1823 if (qgroup->rsv.values[BTRFS_QGROUP_RSV_DATA] || 1824 qgroup->rsv.values[BTRFS_QGROUP_RSV_META_PREALLOC] || 1825 qgroup->rsv.values[BTRFS_QGROUP_RSV_META_PERTRANS]) { 1826 DEBUG_WARN(); 1827 btrfs_warn_rl(fs_info, 1828 "to be deleted qgroup %u/%llu has non-zero numbers, data %llu meta prealloc %llu meta pertrans %llu", 1829 btrfs_qgroup_level(qgroup->qgroupid), 1830 btrfs_qgroup_subvolid(qgroup->qgroupid), 1831 qgroup->rsv.values[BTRFS_QGROUP_RSV_DATA], 1832 qgroup->rsv.values[BTRFS_QGROUP_RSV_META_PREALLOC], 1833 qgroup->rsv.values[BTRFS_QGROUP_RSV_META_PERTRANS]); 1834 1835 } 1836 /* 1837 * The same for rfer/excl numbers, but that's only if our qgroup is 1838 * consistent and if it's in regular qgroup mode. 1839 * For simple mode it's not as accurate thus we can hit non-zero values 1840 * very frequently. 1841 */ 1842 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_FULL && 1843 !(fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT)) { 1844 if (qgroup->rfer || qgroup->excl || 1845 qgroup->rfer_cmpr || qgroup->excl_cmpr) { 1846 DEBUG_WARN(); 1847 btrfs_warn_rl(fs_info, 1848 "to be deleted qgroup %u/%llu has non-zero numbers, rfer %llu rfer_cmpr %llu excl %llu excl_cmpr %llu", 1849 btrfs_qgroup_level(qgroup->qgroupid), 1850 btrfs_qgroup_subvolid(qgroup->qgroupid), 1851 qgroup->rfer, qgroup->rfer_cmpr, 1852 qgroup->excl, qgroup->excl_cmpr); 1853 qgroup_mark_inconsistent(fs_info); 1854 } 1855 } 1856 del_qgroup_rb(fs_info, qgroupid); 1857 spin_unlock(&fs_info->qgroup_lock); 1858 1859 /* 1860 * Remove the qgroup from sysfs now without holding the qgroup_lock 1861 * spinlock, since the sysfs_remove_group() function needs to take 1862 * the mutex kernfs_mutex through kernfs_remove_by_name_ns(). 1863 */ 1864 btrfs_sysfs_del_one_qgroup(fs_info, qgroup); 1865 kfree(qgroup); 1866 out: 1867 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1868 return ret; 1869 } 1870 1871 int btrfs_qgroup_cleanup_dropped_subvolume(struct btrfs_fs_info *fs_info, u64 subvolid) 1872 { 1873 struct btrfs_trans_handle *trans; 1874 int ret; 1875 1876 if (!is_fstree(subvolid) || !btrfs_qgroup_enabled(fs_info) || !fs_info->quota_root) 1877 return 0; 1878 1879 /* 1880 * Commit current transaction to make sure all the rfer/excl numbers 1881 * get updated. 1882 */ 1883 ret = btrfs_commit_current_transaction(fs_info->quota_root); 1884 if (ret < 0) 1885 return ret; 1886 1887 /* Start new trans to delete the qgroup info and limit items. */ 1888 trans = btrfs_start_transaction(fs_info->quota_root, 2); 1889 if (IS_ERR(trans)) 1890 return PTR_ERR(trans); 1891 ret = btrfs_remove_qgroup(trans, subvolid); 1892 btrfs_end_transaction(trans); 1893 /* 1894 * It's squota and the subvolume still has numbers needed for future 1895 * accounting, in this case we can not delete it. Just skip it. 1896 * 1897 * Or the qgroup is already removed by a qgroup rescan. For both cases we're 1898 * safe to ignore them. 1899 */ 1900 if (ret == -EBUSY || ret == -ENOENT) 1901 ret = 0; 1902 return ret; 1903 } 1904 1905 int btrfs_limit_qgroup(struct btrfs_trans_handle *trans, u64 qgroupid, 1906 struct btrfs_qgroup_limit *limit) 1907 { 1908 struct btrfs_fs_info *fs_info = trans->fs_info; 1909 struct btrfs_qgroup *qgroup; 1910 int ret = 0; 1911 /* Sometimes we would want to clear the limit on this qgroup. 1912 * To meet this requirement, we treat the -1 as a special value 1913 * which tell kernel to clear the limit on this qgroup. 1914 */ 1915 const u64 CLEAR_VALUE = -1; 1916 1917 mutex_lock(&fs_info->qgroup_ioctl_lock); 1918 if (!fs_info->quota_root) { 1919 ret = -ENOTCONN; 1920 goto out; 1921 } 1922 1923 qgroup = find_qgroup_rb(fs_info, qgroupid); 1924 if (!qgroup) { 1925 ret = -ENOENT; 1926 goto out; 1927 } 1928 1929 spin_lock(&fs_info->qgroup_lock); 1930 if (limit->flags & BTRFS_QGROUP_LIMIT_MAX_RFER) { 1931 if (limit->max_rfer == CLEAR_VALUE) { 1932 qgroup->lim_flags &= ~BTRFS_QGROUP_LIMIT_MAX_RFER; 1933 limit->flags &= ~BTRFS_QGROUP_LIMIT_MAX_RFER; 1934 qgroup->max_rfer = 0; 1935 } else { 1936 qgroup->max_rfer = limit->max_rfer; 1937 } 1938 } 1939 if (limit->flags & BTRFS_QGROUP_LIMIT_MAX_EXCL) { 1940 if (limit->max_excl == CLEAR_VALUE) { 1941 qgroup->lim_flags &= ~BTRFS_QGROUP_LIMIT_MAX_EXCL; 1942 limit->flags &= ~BTRFS_QGROUP_LIMIT_MAX_EXCL; 1943 qgroup->max_excl = 0; 1944 } else { 1945 qgroup->max_excl = limit->max_excl; 1946 } 1947 } 1948 if (limit->flags & BTRFS_QGROUP_LIMIT_RSV_RFER) { 1949 if (limit->rsv_rfer == CLEAR_VALUE) { 1950 qgroup->lim_flags &= ~BTRFS_QGROUP_LIMIT_RSV_RFER; 1951 limit->flags &= ~BTRFS_QGROUP_LIMIT_RSV_RFER; 1952 qgroup->rsv_rfer = 0; 1953 } else { 1954 qgroup->rsv_rfer = limit->rsv_rfer; 1955 } 1956 } 1957 if (limit->flags & BTRFS_QGROUP_LIMIT_RSV_EXCL) { 1958 if (limit->rsv_excl == CLEAR_VALUE) { 1959 qgroup->lim_flags &= ~BTRFS_QGROUP_LIMIT_RSV_EXCL; 1960 limit->flags &= ~BTRFS_QGROUP_LIMIT_RSV_EXCL; 1961 qgroup->rsv_excl = 0; 1962 } else { 1963 qgroup->rsv_excl = limit->rsv_excl; 1964 } 1965 } 1966 qgroup->lim_flags |= limit->flags; 1967 1968 spin_unlock(&fs_info->qgroup_lock); 1969 1970 ret = update_qgroup_limit_item(trans, qgroup); 1971 if (ret) { 1972 qgroup_mark_inconsistent(fs_info); 1973 btrfs_info(fs_info, "unable to update quota limit for %llu", 1974 qgroupid); 1975 } 1976 1977 out: 1978 mutex_unlock(&fs_info->qgroup_ioctl_lock); 1979 return ret; 1980 } 1981 1982 /* 1983 * Inform qgroup to trace one dirty extent, its info is recorded in @record. 1984 * So qgroup can account it at transaction committing time. 1985 * 1986 * No lock version, caller must acquire delayed ref lock and allocated memory, 1987 * then call btrfs_qgroup_trace_extent_post() after exiting lock context. 1988 * 1989 * Return 0 for success insert 1990 * Return >0 for existing record, caller can free @record safely. 1991 * Return <0 for insertion failure, caller can free @record safely. 1992 */ 1993 int btrfs_qgroup_trace_extent_nolock(struct btrfs_fs_info *fs_info, 1994 struct btrfs_delayed_ref_root *delayed_refs, 1995 struct btrfs_qgroup_extent_record *record, 1996 u64 bytenr) 1997 { 1998 struct btrfs_qgroup_extent_record *existing, *ret; 1999 const unsigned long index = (bytenr >> fs_info->sectorsize_bits); 2000 2001 if (!btrfs_qgroup_full_accounting(fs_info)) 2002 return 1; 2003 2004 #if BITS_PER_LONG == 32 2005 if (bytenr >= MAX_LFS_FILESIZE) { 2006 btrfs_err_rl(fs_info, 2007 "qgroup record for extent at %llu is beyond 32bit page cache and xarray index limit", 2008 bytenr); 2009 btrfs_err_32bit_limit(fs_info); 2010 return -EOVERFLOW; 2011 } 2012 #endif 2013 2014 trace_btrfs_qgroup_trace_extent(fs_info, record, bytenr); 2015 2016 xa_lock(&delayed_refs->dirty_extents); 2017 existing = xa_load(&delayed_refs->dirty_extents, index); 2018 if (existing) { 2019 if (record->data_rsv && !existing->data_rsv) { 2020 existing->data_rsv = record->data_rsv; 2021 existing->data_rsv_refroot = record->data_rsv_refroot; 2022 } 2023 xa_unlock(&delayed_refs->dirty_extents); 2024 return 1; 2025 } 2026 2027 ret = __xa_store(&delayed_refs->dirty_extents, index, record, GFP_ATOMIC); 2028 xa_unlock(&delayed_refs->dirty_extents); 2029 if (xa_is_err(ret)) { 2030 qgroup_mark_inconsistent(fs_info); 2031 return xa_err(ret); 2032 } 2033 2034 return 0; 2035 } 2036 2037 /* 2038 * Post handler after qgroup_trace_extent_nolock(). 2039 * 2040 * NOTE: Current qgroup does the expensive backref walk at transaction 2041 * committing time with TRANS_STATE_COMMIT_DOING, this blocks incoming 2042 * new transaction. 2043 * This is designed to allow btrfs_find_all_roots() to get correct new_roots 2044 * result. 2045 * 2046 * However for old_roots there is no need to do backref walk at that time, 2047 * since we search commit roots to walk backref and result will always be 2048 * correct. 2049 * 2050 * Due to the nature of no lock version, we can't do backref there. 2051 * So we must call btrfs_qgroup_trace_extent_post() after exiting 2052 * spinlock context. 2053 * 2054 * TODO: If we can fix and prove btrfs_find_all_roots() can get correct result 2055 * using current root, then we can move all expensive backref walk out of 2056 * transaction committing, but not now as qgroup accounting will be wrong again. 2057 */ 2058 int btrfs_qgroup_trace_extent_post(struct btrfs_trans_handle *trans, 2059 struct btrfs_qgroup_extent_record *qrecord, 2060 u64 bytenr) 2061 { 2062 struct btrfs_fs_info *fs_info = trans->fs_info; 2063 struct btrfs_backref_walk_ctx ctx = { 2064 .bytenr = bytenr, 2065 .fs_info = fs_info, 2066 }; 2067 int ret; 2068 2069 if (!btrfs_qgroup_full_accounting(fs_info)) 2070 return 0; 2071 /* 2072 * We are always called in a context where we are already holding a 2073 * transaction handle. Often we are called when adding a data delayed 2074 * reference from btrfs_truncate_inode_items() (truncating or unlinking), 2075 * in which case we will be holding a write lock on extent buffer from a 2076 * subvolume tree. In this case we can't allow btrfs_find_all_roots() to 2077 * acquire fs_info->commit_root_sem, because that is a higher level lock 2078 * that must be acquired before locking any extent buffers. 2079 * 2080 * So we want btrfs_find_all_roots() to not acquire the commit_root_sem 2081 * but we can't pass it a non-NULL transaction handle, because otherwise 2082 * it would not use commit roots and would lock extent buffers, causing 2083 * a deadlock if it ends up trying to read lock the same extent buffer 2084 * that was previously write locked at btrfs_truncate_inode_items(). 2085 * 2086 * So pass a NULL transaction handle to btrfs_find_all_roots() and 2087 * explicitly tell it to not acquire the commit_root_sem - if we are 2088 * holding a transaction handle we don't need its protection. 2089 */ 2090 ASSERT(trans != NULL); 2091 2092 if (fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING) 2093 return 0; 2094 2095 ret = btrfs_find_all_roots(&ctx, true); 2096 if (ret < 0) { 2097 qgroup_mark_inconsistent(fs_info); 2098 btrfs_warn(fs_info, 2099 "error accounting new delayed refs extent (err code: %d), quota inconsistent", 2100 ret); 2101 return 0; 2102 } 2103 2104 /* 2105 * Here we don't need to get the lock of 2106 * trans->transaction->delayed_refs, since inserted qrecord won't 2107 * be deleted, only qrecord->node may be modified (new qrecord insert) 2108 * 2109 * So modifying qrecord->old_roots is safe here 2110 */ 2111 qrecord->old_roots = ctx.roots; 2112 return 0; 2113 } 2114 2115 /* 2116 * Inform qgroup to trace one dirty extent, specified by @bytenr and 2117 * @num_bytes. 2118 * So qgroup can account it at commit trans time. 2119 * 2120 * Better encapsulated version, with memory allocation and backref walk for 2121 * commit roots. 2122 * So this can sleep. 2123 * 2124 * Return 0 if the operation is done. 2125 * Return <0 for error, like memory allocation failure or invalid parameter 2126 * (NULL trans) 2127 */ 2128 int btrfs_qgroup_trace_extent(struct btrfs_trans_handle *trans, u64 bytenr, 2129 u64 num_bytes) 2130 { 2131 struct btrfs_fs_info *fs_info = trans->fs_info; 2132 struct btrfs_qgroup_extent_record *record; 2133 struct btrfs_delayed_ref_root *delayed_refs = &trans->transaction->delayed_refs; 2134 const unsigned long index = (bytenr >> fs_info->sectorsize_bits); 2135 int ret; 2136 2137 if (!btrfs_qgroup_full_accounting(fs_info) || bytenr == 0 || num_bytes == 0) 2138 return 0; 2139 record = kzalloc(sizeof(*record), GFP_NOFS); 2140 if (!record) 2141 return -ENOMEM; 2142 2143 if (xa_reserve(&delayed_refs->dirty_extents, index, GFP_NOFS)) { 2144 kfree(record); 2145 return -ENOMEM; 2146 } 2147 2148 record->num_bytes = num_bytes; 2149 2150 ret = btrfs_qgroup_trace_extent_nolock(fs_info, delayed_refs, record, bytenr); 2151 if (ret) { 2152 /* Clean up if insertion fails or item exists. */ 2153 xa_release(&delayed_refs->dirty_extents, index); 2154 kfree(record); 2155 return 0; 2156 } 2157 return btrfs_qgroup_trace_extent_post(trans, record, bytenr); 2158 } 2159 2160 /* 2161 * Inform qgroup to trace all leaf items of data 2162 * 2163 * Return 0 for success 2164 * Return <0 for error(ENOMEM) 2165 */ 2166 int btrfs_qgroup_trace_leaf_items(struct btrfs_trans_handle *trans, 2167 struct extent_buffer *eb) 2168 { 2169 struct btrfs_fs_info *fs_info = trans->fs_info; 2170 int nr = btrfs_header_nritems(eb); 2171 int i, extent_type, ret; 2172 struct btrfs_key key; 2173 struct btrfs_file_extent_item *fi; 2174 u64 bytenr, num_bytes; 2175 2176 /* We can be called directly from walk_up_proc() */ 2177 if (!btrfs_qgroup_full_accounting(fs_info)) 2178 return 0; 2179 2180 for (i = 0; i < nr; i++) { 2181 btrfs_item_key_to_cpu(eb, &key, i); 2182 2183 if (key.type != BTRFS_EXTENT_DATA_KEY) 2184 continue; 2185 2186 fi = btrfs_item_ptr(eb, i, struct btrfs_file_extent_item); 2187 /* filter out non qgroup-accountable extents */ 2188 extent_type = btrfs_file_extent_type(eb, fi); 2189 2190 if (extent_type == BTRFS_FILE_EXTENT_INLINE) 2191 continue; 2192 2193 bytenr = btrfs_file_extent_disk_bytenr(eb, fi); 2194 if (!bytenr) 2195 continue; 2196 2197 num_bytes = btrfs_file_extent_disk_num_bytes(eb, fi); 2198 2199 ret = btrfs_qgroup_trace_extent(trans, bytenr, num_bytes); 2200 if (ret) 2201 return ret; 2202 } 2203 cond_resched(); 2204 return 0; 2205 } 2206 2207 /* 2208 * Walk up the tree from the bottom, freeing leaves and any interior 2209 * nodes which have had all slots visited. If a node (leaf or 2210 * interior) is freed, the node above it will have it's slot 2211 * incremented. The root node will never be freed. 2212 * 2213 * At the end of this function, we should have a path which has all 2214 * slots incremented to the next position for a search. If we need to 2215 * read a new node it will be NULL and the node above it will have the 2216 * correct slot selected for a later read. 2217 * 2218 * If we increment the root nodes slot counter past the number of 2219 * elements, 1 is returned to signal completion of the search. 2220 */ 2221 static int adjust_slots_upwards(struct btrfs_path *path, int root_level) 2222 { 2223 int level = 0; 2224 int nr, slot; 2225 struct extent_buffer *eb; 2226 2227 if (root_level == 0) 2228 return 1; 2229 2230 while (level <= root_level) { 2231 eb = path->nodes[level]; 2232 nr = btrfs_header_nritems(eb); 2233 path->slots[level]++; 2234 slot = path->slots[level]; 2235 if (slot >= nr || level == 0) { 2236 /* 2237 * Don't free the root - we will detect this 2238 * condition after our loop and return a 2239 * positive value for caller to stop walking the tree. 2240 */ 2241 if (level != root_level) { 2242 btrfs_tree_unlock_rw(eb, path->locks[level]); 2243 path->locks[level] = 0; 2244 2245 free_extent_buffer(eb); 2246 path->nodes[level] = NULL; 2247 path->slots[level] = 0; 2248 } 2249 } else { 2250 /* 2251 * We have a valid slot to walk back down 2252 * from. Stop here so caller can process these 2253 * new nodes. 2254 */ 2255 break; 2256 } 2257 2258 level++; 2259 } 2260 2261 eb = path->nodes[root_level]; 2262 if (path->slots[root_level] >= btrfs_header_nritems(eb)) 2263 return 1; 2264 2265 return 0; 2266 } 2267 2268 /* 2269 * Helper function to trace a subtree tree block swap. 2270 * 2271 * The swap will happen in highest tree block, but there may be a lot of 2272 * tree blocks involved. 2273 * 2274 * For example: 2275 * OO = Old tree blocks 2276 * NN = New tree blocks allocated during balance 2277 * 2278 * File tree (257) Reloc tree for 257 2279 * L2 OO NN 2280 * / \ / \ 2281 * L1 OO OO (a) OO NN (a) 2282 * / \ / \ / \ / \ 2283 * L0 OO OO OO OO OO OO NN NN 2284 * (b) (c) (b) (c) 2285 * 2286 * When calling qgroup_trace_extent_swap(), we will pass: 2287 * @src_eb = OO(a) 2288 * @dst_path = [ nodes[1] = NN(a), nodes[0] = NN(c) ] 2289 * @dst_level = 0 2290 * @root_level = 1 2291 * 2292 * In that case, qgroup_trace_extent_swap() will search from OO(a) to 2293 * reach OO(c), then mark both OO(c) and NN(c) as qgroup dirty. 2294 * 2295 * The main work of qgroup_trace_extent_swap() can be split into 3 parts: 2296 * 2297 * 1) Tree search from @src_eb 2298 * It should acts as a simplified btrfs_search_slot(). 2299 * The key for search can be extracted from @dst_path->nodes[dst_level] 2300 * (first key). 2301 * 2302 * 2) Mark the final tree blocks in @src_path and @dst_path qgroup dirty 2303 * NOTE: In above case, OO(a) and NN(a) won't be marked qgroup dirty. 2304 * They should be marked during previous (@dst_level = 1) iteration. 2305 * 2306 * 3) Mark file extents in leaves dirty 2307 * We don't have good way to pick out new file extents only. 2308 * So we still follow the old method by scanning all file extents in 2309 * the leave. 2310 * 2311 * This function can free us from keeping two paths, thus later we only need 2312 * to care about how to iterate all new tree blocks in reloc tree. 2313 */ 2314 static int qgroup_trace_extent_swap(struct btrfs_trans_handle* trans, 2315 struct extent_buffer *src_eb, 2316 struct btrfs_path *dst_path, 2317 int dst_level, int root_level, 2318 bool trace_leaf) 2319 { 2320 struct btrfs_key key; 2321 struct btrfs_path *src_path; 2322 struct btrfs_fs_info *fs_info = trans->fs_info; 2323 u32 nodesize = fs_info->nodesize; 2324 int cur_level = root_level; 2325 int ret; 2326 2327 BUG_ON(dst_level > root_level); 2328 /* Level mismatch */ 2329 if (btrfs_header_level(src_eb) != root_level) 2330 return -EINVAL; 2331 2332 src_path = btrfs_alloc_path(); 2333 if (!src_path) { 2334 ret = -ENOMEM; 2335 goto out; 2336 } 2337 2338 if (dst_level) 2339 btrfs_node_key_to_cpu(dst_path->nodes[dst_level], &key, 0); 2340 else 2341 btrfs_item_key_to_cpu(dst_path->nodes[dst_level], &key, 0); 2342 2343 /* For src_path */ 2344 atomic_inc(&src_eb->refs); 2345 src_path->nodes[root_level] = src_eb; 2346 src_path->slots[root_level] = dst_path->slots[root_level]; 2347 src_path->locks[root_level] = 0; 2348 2349 /* A simplified version of btrfs_search_slot() */ 2350 while (cur_level >= dst_level) { 2351 struct btrfs_key src_key; 2352 struct btrfs_key dst_key; 2353 2354 if (src_path->nodes[cur_level] == NULL) { 2355 struct extent_buffer *eb; 2356 int parent_slot; 2357 2358 eb = src_path->nodes[cur_level + 1]; 2359 parent_slot = src_path->slots[cur_level + 1]; 2360 2361 eb = btrfs_read_node_slot(eb, parent_slot); 2362 if (IS_ERR(eb)) { 2363 ret = PTR_ERR(eb); 2364 goto out; 2365 } 2366 2367 src_path->nodes[cur_level] = eb; 2368 2369 btrfs_tree_read_lock(eb); 2370 src_path->locks[cur_level] = BTRFS_READ_LOCK; 2371 } 2372 2373 src_path->slots[cur_level] = dst_path->slots[cur_level]; 2374 if (cur_level) { 2375 btrfs_node_key_to_cpu(dst_path->nodes[cur_level], 2376 &dst_key, dst_path->slots[cur_level]); 2377 btrfs_node_key_to_cpu(src_path->nodes[cur_level], 2378 &src_key, src_path->slots[cur_level]); 2379 } else { 2380 btrfs_item_key_to_cpu(dst_path->nodes[cur_level], 2381 &dst_key, dst_path->slots[cur_level]); 2382 btrfs_item_key_to_cpu(src_path->nodes[cur_level], 2383 &src_key, src_path->slots[cur_level]); 2384 } 2385 /* Content mismatch, something went wrong */ 2386 if (btrfs_comp_cpu_keys(&dst_key, &src_key)) { 2387 ret = -ENOENT; 2388 goto out; 2389 } 2390 cur_level--; 2391 } 2392 2393 /* 2394 * Now both @dst_path and @src_path have been populated, record the tree 2395 * blocks for qgroup accounting. 2396 */ 2397 ret = btrfs_qgroup_trace_extent(trans, src_path->nodes[dst_level]->start, 2398 nodesize); 2399 if (ret < 0) 2400 goto out; 2401 ret = btrfs_qgroup_trace_extent(trans, dst_path->nodes[dst_level]->start, 2402 nodesize); 2403 if (ret < 0) 2404 goto out; 2405 2406 /* Record leaf file extents */ 2407 if (dst_level == 0 && trace_leaf) { 2408 ret = btrfs_qgroup_trace_leaf_items(trans, src_path->nodes[0]); 2409 if (ret < 0) 2410 goto out; 2411 ret = btrfs_qgroup_trace_leaf_items(trans, dst_path->nodes[0]); 2412 } 2413 out: 2414 btrfs_free_path(src_path); 2415 return ret; 2416 } 2417 2418 /* 2419 * Helper function to do recursive generation-aware depth-first search, to 2420 * locate all new tree blocks in a subtree of reloc tree. 2421 * 2422 * E.g. (OO = Old tree blocks, NN = New tree blocks, whose gen == last_snapshot) 2423 * reloc tree 2424 * L2 NN (a) 2425 * / \ 2426 * L1 OO NN (b) 2427 * / \ / \ 2428 * L0 OO OO OO NN 2429 * (c) (d) 2430 * If we pass: 2431 * @dst_path = [ nodes[1] = NN(b), nodes[0] = NULL ], 2432 * @cur_level = 1 2433 * @root_level = 1 2434 * 2435 * We will iterate through tree blocks NN(b), NN(d) and info qgroup to trace 2436 * above tree blocks along with their counter parts in file tree. 2437 * While during search, old tree blocks OO(c) will be skipped as tree block swap 2438 * won't affect OO(c). 2439 */ 2440 static int qgroup_trace_new_subtree_blocks(struct btrfs_trans_handle* trans, 2441 struct extent_buffer *src_eb, 2442 struct btrfs_path *dst_path, 2443 int cur_level, int root_level, 2444 u64 last_snapshot, bool trace_leaf) 2445 { 2446 struct btrfs_fs_info *fs_info = trans->fs_info; 2447 struct extent_buffer *eb; 2448 bool need_cleanup = false; 2449 int ret = 0; 2450 int i; 2451 2452 /* Level sanity check */ 2453 if (cur_level < 0 || cur_level >= BTRFS_MAX_LEVEL - 1 || 2454 root_level < 0 || root_level >= BTRFS_MAX_LEVEL - 1 || 2455 root_level < cur_level) { 2456 btrfs_err_rl(fs_info, 2457 "%s: bad levels, cur_level=%d root_level=%d", 2458 __func__, cur_level, root_level); 2459 return -EUCLEAN; 2460 } 2461 2462 /* Read the tree block if needed */ 2463 if (dst_path->nodes[cur_level] == NULL) { 2464 int parent_slot; 2465 u64 child_gen; 2466 2467 /* 2468 * dst_path->nodes[root_level] must be initialized before 2469 * calling this function. 2470 */ 2471 if (cur_level == root_level) { 2472 btrfs_err_rl(fs_info, 2473 "%s: dst_path->nodes[%d] not initialized, root_level=%d cur_level=%d", 2474 __func__, root_level, root_level, cur_level); 2475 return -EUCLEAN; 2476 } 2477 2478 /* 2479 * We need to get child blockptr/gen from parent before we can 2480 * read it. 2481 */ 2482 eb = dst_path->nodes[cur_level + 1]; 2483 parent_slot = dst_path->slots[cur_level + 1]; 2484 child_gen = btrfs_node_ptr_generation(eb, parent_slot); 2485 2486 /* This node is old, no need to trace */ 2487 if (child_gen < last_snapshot) 2488 goto out; 2489 2490 eb = btrfs_read_node_slot(eb, parent_slot); 2491 if (IS_ERR(eb)) { 2492 ret = PTR_ERR(eb); 2493 goto out; 2494 } 2495 2496 dst_path->nodes[cur_level] = eb; 2497 dst_path->slots[cur_level] = 0; 2498 2499 btrfs_tree_read_lock(eb); 2500 dst_path->locks[cur_level] = BTRFS_READ_LOCK; 2501 need_cleanup = true; 2502 } 2503 2504 /* Now record this tree block and its counter part for qgroups */ 2505 ret = qgroup_trace_extent_swap(trans, src_eb, dst_path, cur_level, 2506 root_level, trace_leaf); 2507 if (ret < 0) 2508 goto cleanup; 2509 2510 eb = dst_path->nodes[cur_level]; 2511 2512 if (cur_level > 0) { 2513 /* Iterate all child tree blocks */ 2514 for (i = 0; i < btrfs_header_nritems(eb); i++) { 2515 /* Skip old tree blocks as they won't be swapped */ 2516 if (btrfs_node_ptr_generation(eb, i) < last_snapshot) 2517 continue; 2518 dst_path->slots[cur_level] = i; 2519 2520 /* Recursive call (at most 7 times) */ 2521 ret = qgroup_trace_new_subtree_blocks(trans, src_eb, 2522 dst_path, cur_level - 1, root_level, 2523 last_snapshot, trace_leaf); 2524 if (ret < 0) 2525 goto cleanup; 2526 } 2527 } 2528 2529 cleanup: 2530 if (need_cleanup) { 2531 /* Clean up */ 2532 btrfs_tree_unlock_rw(dst_path->nodes[cur_level], 2533 dst_path->locks[cur_level]); 2534 free_extent_buffer(dst_path->nodes[cur_level]); 2535 dst_path->nodes[cur_level] = NULL; 2536 dst_path->slots[cur_level] = 0; 2537 dst_path->locks[cur_level] = 0; 2538 } 2539 out: 2540 return ret; 2541 } 2542 2543 static int qgroup_trace_subtree_swap(struct btrfs_trans_handle *trans, 2544 struct extent_buffer *src_eb, 2545 struct extent_buffer *dst_eb, 2546 u64 last_snapshot, bool trace_leaf) 2547 { 2548 struct btrfs_fs_info *fs_info = trans->fs_info; 2549 struct btrfs_path *dst_path = NULL; 2550 int level; 2551 int ret; 2552 2553 if (!btrfs_qgroup_full_accounting(fs_info)) 2554 return 0; 2555 2556 /* Wrong parameter order */ 2557 if (btrfs_header_generation(src_eb) > btrfs_header_generation(dst_eb)) { 2558 btrfs_err_rl(fs_info, 2559 "%s: bad parameter order, src_gen=%llu dst_gen=%llu", __func__, 2560 btrfs_header_generation(src_eb), 2561 btrfs_header_generation(dst_eb)); 2562 return -EUCLEAN; 2563 } 2564 2565 if (!extent_buffer_uptodate(src_eb) || !extent_buffer_uptodate(dst_eb)) { 2566 ret = -EIO; 2567 goto out; 2568 } 2569 2570 level = btrfs_header_level(dst_eb); 2571 dst_path = btrfs_alloc_path(); 2572 if (!dst_path) { 2573 ret = -ENOMEM; 2574 goto out; 2575 } 2576 /* For dst_path */ 2577 atomic_inc(&dst_eb->refs); 2578 dst_path->nodes[level] = dst_eb; 2579 dst_path->slots[level] = 0; 2580 dst_path->locks[level] = 0; 2581 2582 /* Do the generation aware breadth-first search */ 2583 ret = qgroup_trace_new_subtree_blocks(trans, src_eb, dst_path, level, 2584 level, last_snapshot, trace_leaf); 2585 if (ret < 0) 2586 goto out; 2587 ret = 0; 2588 2589 out: 2590 btrfs_free_path(dst_path); 2591 if (ret < 0) 2592 qgroup_mark_inconsistent(fs_info); 2593 return ret; 2594 } 2595 2596 /* 2597 * Inform qgroup to trace a whole subtree, including all its child tree 2598 * blocks and data. 2599 * The root tree block is specified by @root_eb. 2600 * 2601 * Normally used by relocation(tree block swap) and subvolume deletion. 2602 * 2603 * Return 0 for success 2604 * Return <0 for error(ENOMEM or tree search error) 2605 */ 2606 int btrfs_qgroup_trace_subtree(struct btrfs_trans_handle *trans, 2607 struct extent_buffer *root_eb, 2608 u64 root_gen, int root_level) 2609 { 2610 struct btrfs_fs_info *fs_info = trans->fs_info; 2611 int ret = 0; 2612 int level; 2613 u8 drop_subptree_thres; 2614 struct extent_buffer *eb = root_eb; 2615 struct btrfs_path *path = NULL; 2616 2617 ASSERT(0 <= root_level && root_level < BTRFS_MAX_LEVEL); 2618 ASSERT(root_eb != NULL); 2619 2620 if (!btrfs_qgroup_full_accounting(fs_info)) 2621 return 0; 2622 2623 spin_lock(&fs_info->qgroup_lock); 2624 drop_subptree_thres = fs_info->qgroup_drop_subtree_thres; 2625 spin_unlock(&fs_info->qgroup_lock); 2626 2627 /* 2628 * This function only gets called for snapshot drop, if we hit a high 2629 * node here, it means we are going to change ownership for quite a lot 2630 * of extents, which will greatly slow down btrfs_commit_transaction(). 2631 * 2632 * So here if we find a high tree here, we just skip the accounting and 2633 * mark qgroup inconsistent. 2634 */ 2635 if (root_level >= drop_subptree_thres) { 2636 qgroup_mark_inconsistent(fs_info); 2637 return 0; 2638 } 2639 2640 if (!extent_buffer_uptodate(root_eb)) { 2641 struct btrfs_tree_parent_check check = { 2642 .transid = root_gen, 2643 .level = root_level 2644 }; 2645 2646 ret = btrfs_read_extent_buffer(root_eb, &check); 2647 if (ret) 2648 goto out; 2649 } 2650 2651 if (root_level == 0) { 2652 ret = btrfs_qgroup_trace_leaf_items(trans, root_eb); 2653 goto out; 2654 } 2655 2656 path = btrfs_alloc_path(); 2657 if (!path) 2658 return -ENOMEM; 2659 2660 /* 2661 * Walk down the tree. Missing extent blocks are filled in as 2662 * we go. Metadata is accounted every time we read a new 2663 * extent block. 2664 * 2665 * When we reach a leaf, we account for file extent items in it, 2666 * walk back up the tree (adjusting slot pointers as we go) 2667 * and restart the search process. 2668 */ 2669 atomic_inc(&root_eb->refs); /* For path */ 2670 path->nodes[root_level] = root_eb; 2671 path->slots[root_level] = 0; 2672 path->locks[root_level] = 0; /* so release_path doesn't try to unlock */ 2673 walk_down: 2674 level = root_level; 2675 while (level >= 0) { 2676 if (path->nodes[level] == NULL) { 2677 int parent_slot; 2678 u64 child_bytenr; 2679 2680 /* 2681 * We need to get child blockptr from parent before we 2682 * can read it. 2683 */ 2684 eb = path->nodes[level + 1]; 2685 parent_slot = path->slots[level + 1]; 2686 child_bytenr = btrfs_node_blockptr(eb, parent_slot); 2687 2688 eb = btrfs_read_node_slot(eb, parent_slot); 2689 if (IS_ERR(eb)) { 2690 ret = PTR_ERR(eb); 2691 goto out; 2692 } 2693 2694 path->nodes[level] = eb; 2695 path->slots[level] = 0; 2696 2697 btrfs_tree_read_lock(eb); 2698 path->locks[level] = BTRFS_READ_LOCK; 2699 2700 ret = btrfs_qgroup_trace_extent(trans, child_bytenr, 2701 fs_info->nodesize); 2702 if (ret) 2703 goto out; 2704 } 2705 2706 if (level == 0) { 2707 ret = btrfs_qgroup_trace_leaf_items(trans, 2708 path->nodes[level]); 2709 if (ret) 2710 goto out; 2711 2712 /* Nonzero return here means we completed our search */ 2713 ret = adjust_slots_upwards(path, root_level); 2714 if (ret) 2715 break; 2716 2717 /* Restart search with new slots */ 2718 goto walk_down; 2719 } 2720 2721 level--; 2722 } 2723 2724 ret = 0; 2725 out: 2726 btrfs_free_path(path); 2727 2728 return ret; 2729 } 2730 2731 static void qgroup_iterator_nested_add(struct list_head *head, struct btrfs_qgroup *qgroup) 2732 { 2733 if (!list_empty(&qgroup->nested_iterator)) 2734 return; 2735 2736 list_add_tail(&qgroup->nested_iterator, head); 2737 } 2738 2739 static void qgroup_iterator_nested_clean(struct list_head *head) 2740 { 2741 while (!list_empty(head)) { 2742 struct btrfs_qgroup *qgroup; 2743 2744 qgroup = list_first_entry(head, struct btrfs_qgroup, nested_iterator); 2745 list_del_init(&qgroup->nested_iterator); 2746 } 2747 } 2748 2749 #define UPDATE_NEW 0 2750 #define UPDATE_OLD 1 2751 /* 2752 * Walk all of the roots that points to the bytenr and adjust their refcnts. 2753 */ 2754 static void qgroup_update_refcnt(struct btrfs_fs_info *fs_info, 2755 struct ulist *roots, struct list_head *qgroups, 2756 u64 seq, int update_old) 2757 { 2758 struct ulist_node *unode; 2759 struct ulist_iterator uiter; 2760 struct btrfs_qgroup *qg; 2761 2762 if (!roots) 2763 return; 2764 ULIST_ITER_INIT(&uiter); 2765 while ((unode = ulist_next(roots, &uiter))) { 2766 LIST_HEAD(tmp); 2767 2768 qg = find_qgroup_rb(fs_info, unode->val); 2769 if (!qg) 2770 continue; 2771 2772 qgroup_iterator_nested_add(qgroups, qg); 2773 qgroup_iterator_add(&tmp, qg); 2774 list_for_each_entry(qg, &tmp, iterator) { 2775 struct btrfs_qgroup_list *glist; 2776 2777 if (update_old) 2778 btrfs_qgroup_update_old_refcnt(qg, seq, 1); 2779 else 2780 btrfs_qgroup_update_new_refcnt(qg, seq, 1); 2781 2782 list_for_each_entry(glist, &qg->groups, next_group) { 2783 qgroup_iterator_nested_add(qgroups, glist->group); 2784 qgroup_iterator_add(&tmp, glist->group); 2785 } 2786 } 2787 qgroup_iterator_clean(&tmp); 2788 } 2789 } 2790 2791 /* 2792 * Update qgroup rfer/excl counters. 2793 * Rfer update is easy, codes can explain themselves. 2794 * 2795 * Excl update is tricky, the update is split into 2 parts. 2796 * Part 1: Possible exclusive <-> sharing detect: 2797 * | A | !A | 2798 * ------------------------------------- 2799 * B | * | - | 2800 * ------------------------------------- 2801 * !B | + | ** | 2802 * ------------------------------------- 2803 * 2804 * Conditions: 2805 * A: cur_old_roots < nr_old_roots (not exclusive before) 2806 * !A: cur_old_roots == nr_old_roots (possible exclusive before) 2807 * B: cur_new_roots < nr_new_roots (not exclusive now) 2808 * !B: cur_new_roots == nr_new_roots (possible exclusive now) 2809 * 2810 * Results: 2811 * +: Possible sharing -> exclusive -: Possible exclusive -> sharing 2812 * *: Definitely not changed. **: Possible unchanged. 2813 * 2814 * For !A and !B condition, the exception is cur_old/new_roots == 0 case. 2815 * 2816 * To make the logic clear, we first use condition A and B to split 2817 * combination into 4 results. 2818 * 2819 * Then, for result "+" and "-", check old/new_roots == 0 case, as in them 2820 * only on variant maybe 0. 2821 * 2822 * Lastly, check result **, since there are 2 variants maybe 0, split them 2823 * again(2x2). 2824 * But this time we don't need to consider other things, the codes and logic 2825 * is easy to understand now. 2826 */ 2827 static void qgroup_update_counters(struct btrfs_fs_info *fs_info, 2828 struct list_head *qgroups, u64 nr_old_roots, 2829 u64 nr_new_roots, u64 num_bytes, u64 seq) 2830 { 2831 struct btrfs_qgroup *qg; 2832 2833 list_for_each_entry(qg, qgroups, nested_iterator) { 2834 u64 cur_new_count, cur_old_count; 2835 bool dirty = false; 2836 2837 cur_old_count = btrfs_qgroup_get_old_refcnt(qg, seq); 2838 cur_new_count = btrfs_qgroup_get_new_refcnt(qg, seq); 2839 2840 trace_btrfs_qgroup_update_counters(fs_info, qg, cur_old_count, 2841 cur_new_count); 2842 2843 /* Rfer update part */ 2844 if (cur_old_count == 0 && cur_new_count > 0) { 2845 qg->rfer += num_bytes; 2846 qg->rfer_cmpr += num_bytes; 2847 dirty = true; 2848 } 2849 if (cur_old_count > 0 && cur_new_count == 0) { 2850 qg->rfer -= num_bytes; 2851 qg->rfer_cmpr -= num_bytes; 2852 dirty = true; 2853 } 2854 2855 /* Excl update part */ 2856 /* Exclusive/none -> shared case */ 2857 if (cur_old_count == nr_old_roots && 2858 cur_new_count < nr_new_roots) { 2859 /* Exclusive -> shared */ 2860 if (cur_old_count != 0) { 2861 qg->excl -= num_bytes; 2862 qg->excl_cmpr -= num_bytes; 2863 dirty = true; 2864 } 2865 } 2866 2867 /* Shared -> exclusive/none case */ 2868 if (cur_old_count < nr_old_roots && 2869 cur_new_count == nr_new_roots) { 2870 /* Shared->exclusive */ 2871 if (cur_new_count != 0) { 2872 qg->excl += num_bytes; 2873 qg->excl_cmpr += num_bytes; 2874 dirty = true; 2875 } 2876 } 2877 2878 /* Exclusive/none -> exclusive/none case */ 2879 if (cur_old_count == nr_old_roots && 2880 cur_new_count == nr_new_roots) { 2881 if (cur_old_count == 0) { 2882 /* None -> exclusive/none */ 2883 2884 if (cur_new_count != 0) { 2885 /* None -> exclusive */ 2886 qg->excl += num_bytes; 2887 qg->excl_cmpr += num_bytes; 2888 dirty = true; 2889 } 2890 /* None -> none, nothing changed */ 2891 } else { 2892 /* Exclusive -> exclusive/none */ 2893 2894 if (cur_new_count == 0) { 2895 /* Exclusive -> none */ 2896 qg->excl -= num_bytes; 2897 qg->excl_cmpr -= num_bytes; 2898 dirty = true; 2899 } 2900 /* Exclusive -> exclusive, nothing changed */ 2901 } 2902 } 2903 2904 if (dirty) 2905 qgroup_dirty(fs_info, qg); 2906 } 2907 } 2908 2909 /* 2910 * Check if the @roots potentially is a list of fs tree roots 2911 * 2912 * Return 0 for definitely not a fs/subvol tree roots ulist 2913 * Return 1 for possible fs/subvol tree roots in the list (considering an empty 2914 * one as well) 2915 */ 2916 static int maybe_fs_roots(struct ulist *roots) 2917 { 2918 struct ulist_node *unode; 2919 struct ulist_iterator uiter; 2920 2921 /* Empty one, still possible for fs roots */ 2922 if (!roots || roots->nnodes == 0) 2923 return 1; 2924 2925 ULIST_ITER_INIT(&uiter); 2926 unode = ulist_next(roots, &uiter); 2927 if (!unode) 2928 return 1; 2929 2930 /* 2931 * If it contains fs tree roots, then it must belong to fs/subvol 2932 * trees. 2933 * If it contains a non-fs tree, it won't be shared with fs/subvol trees. 2934 */ 2935 return is_fstree(unode->val); 2936 } 2937 2938 int btrfs_qgroup_account_extent(struct btrfs_trans_handle *trans, u64 bytenr, 2939 u64 num_bytes, struct ulist *old_roots, 2940 struct ulist *new_roots) 2941 { 2942 struct btrfs_fs_info *fs_info = trans->fs_info; 2943 LIST_HEAD(qgroups); 2944 u64 seq; 2945 u64 nr_new_roots = 0; 2946 u64 nr_old_roots = 0; 2947 int ret = 0; 2948 2949 /* 2950 * If quotas get disabled meanwhile, the resources need to be freed and 2951 * we can't just exit here. 2952 */ 2953 if (!btrfs_qgroup_full_accounting(fs_info) || 2954 fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING) 2955 goto out_free; 2956 2957 if (new_roots) { 2958 if (!maybe_fs_roots(new_roots)) 2959 goto out_free; 2960 nr_new_roots = new_roots->nnodes; 2961 } 2962 if (old_roots) { 2963 if (!maybe_fs_roots(old_roots)) 2964 goto out_free; 2965 nr_old_roots = old_roots->nnodes; 2966 } 2967 2968 /* Quick exit, either not fs tree roots, or won't affect any qgroup */ 2969 if (nr_old_roots == 0 && nr_new_roots == 0) 2970 goto out_free; 2971 2972 trace_btrfs_qgroup_account_extent(fs_info, trans->transid, bytenr, 2973 num_bytes, nr_old_roots, nr_new_roots); 2974 2975 mutex_lock(&fs_info->qgroup_rescan_lock); 2976 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN) { 2977 if (fs_info->qgroup_rescan_progress.objectid <= bytenr) { 2978 mutex_unlock(&fs_info->qgroup_rescan_lock); 2979 ret = 0; 2980 goto out_free; 2981 } 2982 } 2983 mutex_unlock(&fs_info->qgroup_rescan_lock); 2984 2985 spin_lock(&fs_info->qgroup_lock); 2986 seq = fs_info->qgroup_seq; 2987 2988 /* Update old refcnts using old_roots */ 2989 qgroup_update_refcnt(fs_info, old_roots, &qgroups, seq, UPDATE_OLD); 2990 2991 /* Update new refcnts using new_roots */ 2992 qgroup_update_refcnt(fs_info, new_roots, &qgroups, seq, UPDATE_NEW); 2993 2994 qgroup_update_counters(fs_info, &qgroups, nr_old_roots, nr_new_roots, 2995 num_bytes, seq); 2996 2997 /* 2998 * We're done using the iterator, release all its qgroups while holding 2999 * fs_info->qgroup_lock so that we don't race with btrfs_remove_qgroup() 3000 * and trigger use-after-free accesses to qgroups. 3001 */ 3002 qgroup_iterator_nested_clean(&qgroups); 3003 3004 /* 3005 * Bump qgroup_seq to avoid seq overlap 3006 */ 3007 fs_info->qgroup_seq += max(nr_old_roots, nr_new_roots) + 1; 3008 spin_unlock(&fs_info->qgroup_lock); 3009 out_free: 3010 ulist_free(old_roots); 3011 ulist_free(new_roots); 3012 return ret; 3013 } 3014 3015 int btrfs_qgroup_account_extents(struct btrfs_trans_handle *trans) 3016 { 3017 struct btrfs_fs_info *fs_info = trans->fs_info; 3018 struct btrfs_qgroup_extent_record *record; 3019 struct btrfs_delayed_ref_root *delayed_refs; 3020 struct ulist *new_roots = NULL; 3021 unsigned long index; 3022 u64 num_dirty_extents = 0; 3023 u64 qgroup_to_skip; 3024 int ret = 0; 3025 3026 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE) 3027 return 0; 3028 3029 delayed_refs = &trans->transaction->delayed_refs; 3030 qgroup_to_skip = delayed_refs->qgroup_to_skip; 3031 xa_for_each(&delayed_refs->dirty_extents, index, record) { 3032 const u64 bytenr = (((u64)index) << fs_info->sectorsize_bits); 3033 3034 num_dirty_extents++; 3035 trace_btrfs_qgroup_account_extents(fs_info, record, bytenr); 3036 3037 if (!ret && !(fs_info->qgroup_flags & 3038 BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING)) { 3039 struct btrfs_backref_walk_ctx ctx = { 0 }; 3040 3041 ctx.bytenr = bytenr; 3042 ctx.fs_info = fs_info; 3043 3044 /* 3045 * Old roots should be searched when inserting qgroup 3046 * extent record. 3047 * 3048 * But for INCONSISTENT (NO_ACCOUNTING) -> rescan case, 3049 * we may have some record inserted during 3050 * NO_ACCOUNTING (thus no old_roots populated), but 3051 * later we start rescan, which clears NO_ACCOUNTING, 3052 * leaving some inserted records without old_roots 3053 * populated. 3054 * 3055 * Those cases are rare and should not cause too much 3056 * time spent during commit_transaction(). 3057 */ 3058 if (!record->old_roots) { 3059 /* Search commit root to find old_roots */ 3060 ret = btrfs_find_all_roots(&ctx, false); 3061 if (ret < 0) 3062 goto cleanup; 3063 record->old_roots = ctx.roots; 3064 ctx.roots = NULL; 3065 } 3066 3067 /* 3068 * Use BTRFS_SEQ_LAST as time_seq to do special search, 3069 * which doesn't lock tree or delayed_refs and search 3070 * current root. It's safe inside commit_transaction(). 3071 */ 3072 ctx.trans = trans; 3073 ctx.time_seq = BTRFS_SEQ_LAST; 3074 ret = btrfs_find_all_roots(&ctx, false); 3075 if (ret < 0) 3076 goto cleanup; 3077 new_roots = ctx.roots; 3078 if (qgroup_to_skip) { 3079 ulist_del(new_roots, qgroup_to_skip, 0); 3080 ulist_del(record->old_roots, qgroup_to_skip, 3081 0); 3082 } 3083 ret = btrfs_qgroup_account_extent(trans, bytenr, 3084 record->num_bytes, 3085 record->old_roots, 3086 new_roots); 3087 record->old_roots = NULL; 3088 new_roots = NULL; 3089 } 3090 /* Free the reserved data space */ 3091 btrfs_qgroup_free_refroot(fs_info, 3092 record->data_rsv_refroot, 3093 record->data_rsv, 3094 BTRFS_QGROUP_RSV_DATA); 3095 cleanup: 3096 ulist_free(record->old_roots); 3097 ulist_free(new_roots); 3098 new_roots = NULL; 3099 xa_erase(&delayed_refs->dirty_extents, index); 3100 kfree(record); 3101 3102 } 3103 trace_btrfs_qgroup_num_dirty_extents(fs_info, trans->transid, num_dirty_extents); 3104 return ret; 3105 } 3106 3107 /* 3108 * Writes all changed qgroups to disk. 3109 * Called by the transaction commit path and the qgroup assign ioctl. 3110 */ 3111 int btrfs_run_qgroups(struct btrfs_trans_handle *trans) 3112 { 3113 struct btrfs_fs_info *fs_info = trans->fs_info; 3114 int ret = 0; 3115 3116 /* 3117 * In case we are called from the qgroup assign ioctl, assert that we 3118 * are holding the qgroup_ioctl_lock, otherwise we can race with a quota 3119 * disable operation (ioctl) and access a freed quota root. 3120 */ 3121 if (trans->transaction->state != TRANS_STATE_COMMIT_DOING) 3122 lockdep_assert_held(&fs_info->qgroup_ioctl_lock); 3123 3124 if (!fs_info->quota_root) 3125 return ret; 3126 3127 spin_lock(&fs_info->qgroup_lock); 3128 while (!list_empty(&fs_info->dirty_qgroups)) { 3129 struct btrfs_qgroup *qgroup; 3130 qgroup = list_first_entry(&fs_info->dirty_qgroups, 3131 struct btrfs_qgroup, dirty); 3132 list_del_init(&qgroup->dirty); 3133 spin_unlock(&fs_info->qgroup_lock); 3134 ret = update_qgroup_info_item(trans, qgroup); 3135 if (ret) 3136 qgroup_mark_inconsistent(fs_info); 3137 ret = update_qgroup_limit_item(trans, qgroup); 3138 if (ret) 3139 qgroup_mark_inconsistent(fs_info); 3140 spin_lock(&fs_info->qgroup_lock); 3141 } 3142 if (btrfs_qgroup_enabled(fs_info)) 3143 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_ON; 3144 else 3145 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_ON; 3146 spin_unlock(&fs_info->qgroup_lock); 3147 3148 ret = update_qgroup_status_item(trans); 3149 if (ret) 3150 qgroup_mark_inconsistent(fs_info); 3151 3152 return ret; 3153 } 3154 3155 int btrfs_qgroup_check_inherit(struct btrfs_fs_info *fs_info, 3156 struct btrfs_qgroup_inherit *inherit, 3157 size_t size) 3158 { 3159 if (inherit->flags & ~BTRFS_QGROUP_INHERIT_FLAGS_SUPP) 3160 return -EOPNOTSUPP; 3161 if (size < sizeof(*inherit) || size > PAGE_SIZE) 3162 return -EINVAL; 3163 3164 /* 3165 * In the past we allowed btrfs_qgroup_inherit to specify to copy 3166 * rfer/excl numbers directly from other qgroups. This behavior has 3167 * been disabled in userspace for a very long time, but here we should 3168 * also disable it in kernel, as this behavior is known to mark qgroup 3169 * inconsistent, and a rescan would wipe out the changes anyway. 3170 * 3171 * Reject any btrfs_qgroup_inherit with num_ref_copies or num_excl_copies. 3172 */ 3173 if (inherit->num_ref_copies > 0 || inherit->num_excl_copies > 0) 3174 return -EINVAL; 3175 3176 if (size != struct_size(inherit, qgroups, inherit->num_qgroups)) 3177 return -EINVAL; 3178 3179 /* 3180 * Skip the inherit source qgroups check if qgroup is not enabled. 3181 * Qgroup can still be later enabled causing problems, but in that case 3182 * btrfs_qgroup_inherit() would just ignore those invalid ones. 3183 */ 3184 if (!btrfs_qgroup_enabled(fs_info)) 3185 return 0; 3186 3187 /* 3188 * Now check all the remaining qgroups, they should all: 3189 * 3190 * - Exist 3191 * - Be higher level qgroups. 3192 */ 3193 for (int i = 0; i < inherit->num_qgroups; i++) { 3194 struct btrfs_qgroup *qgroup; 3195 u64 qgroupid = inherit->qgroups[i]; 3196 3197 if (btrfs_qgroup_level(qgroupid) == 0) 3198 return -EINVAL; 3199 3200 spin_lock(&fs_info->qgroup_lock); 3201 qgroup = find_qgroup_rb(fs_info, qgroupid); 3202 if (!qgroup) { 3203 spin_unlock(&fs_info->qgroup_lock); 3204 return -ENOENT; 3205 } 3206 spin_unlock(&fs_info->qgroup_lock); 3207 } 3208 return 0; 3209 } 3210 3211 static int qgroup_auto_inherit(struct btrfs_fs_info *fs_info, 3212 u64 inode_rootid, 3213 struct btrfs_qgroup_inherit **inherit) 3214 { 3215 int i = 0; 3216 u64 num_qgroups = 0; 3217 struct btrfs_qgroup *inode_qg; 3218 struct btrfs_qgroup_list *qg_list; 3219 struct btrfs_qgroup_inherit *res; 3220 size_t struct_sz; 3221 u64 *qgids; 3222 3223 if (*inherit) 3224 return -EEXIST; 3225 3226 inode_qg = find_qgroup_rb(fs_info, inode_rootid); 3227 if (!inode_qg) 3228 return -ENOENT; 3229 3230 num_qgroups = list_count_nodes(&inode_qg->groups); 3231 3232 if (!num_qgroups) 3233 return 0; 3234 3235 struct_sz = struct_size(res, qgroups, num_qgroups); 3236 if (struct_sz == SIZE_MAX) 3237 return -ERANGE; 3238 3239 res = kzalloc(struct_sz, GFP_NOFS); 3240 if (!res) 3241 return -ENOMEM; 3242 res->num_qgroups = num_qgroups; 3243 qgids = res->qgroups; 3244 3245 list_for_each_entry(qg_list, &inode_qg->groups, next_group) 3246 qgids[i++] = qg_list->group->qgroupid; 3247 3248 *inherit = res; 3249 return 0; 3250 } 3251 3252 /* 3253 * Check if we can skip rescan when inheriting qgroups. If @src has a single 3254 * @parent, and that @parent is owning all its bytes exclusively, we can skip 3255 * the full rescan, by just adding nodesize to the @parent's excl/rfer. 3256 * 3257 * Return <0 for fatal errors (like srcid/parentid has no qgroup). 3258 * Return 0 if a quick inherit is done. 3259 * Return >0 if a quick inherit is not possible, and a full rescan is needed. 3260 */ 3261 static int qgroup_snapshot_quick_inherit(struct btrfs_fs_info *fs_info, 3262 u64 srcid, u64 parentid) 3263 { 3264 struct btrfs_qgroup *src; 3265 struct btrfs_qgroup *parent; 3266 struct btrfs_qgroup_list *list; 3267 int nr_parents = 0; 3268 3269 src = find_qgroup_rb(fs_info, srcid); 3270 if (!src) 3271 return -ENOENT; 3272 parent = find_qgroup_rb(fs_info, parentid); 3273 if (!parent) 3274 return -ENOENT; 3275 3276 /* 3277 * Source has no parent qgroup, but our new qgroup would have one. 3278 * Qgroup numbers would become inconsistent. 3279 */ 3280 if (list_empty(&src->groups)) 3281 return 1; 3282 3283 list_for_each_entry(list, &src->groups, next_group) { 3284 /* The parent is not the same, quick update is not possible. */ 3285 if (list->group->qgroupid != parentid) 3286 return 1; 3287 nr_parents++; 3288 /* 3289 * More than one parent qgroup, we can't be sure about accounting 3290 * consistency. 3291 */ 3292 if (nr_parents > 1) 3293 return 1; 3294 } 3295 3296 /* 3297 * The parent is not exclusively owning all its bytes. We're not sure 3298 * if the source has any bytes not fully owned by the parent. 3299 */ 3300 if (parent->excl != parent->rfer) 3301 return 1; 3302 3303 parent->excl += fs_info->nodesize; 3304 parent->rfer += fs_info->nodesize; 3305 return 0; 3306 } 3307 3308 /* 3309 * Copy the accounting information between qgroups. This is necessary 3310 * when a snapshot or a subvolume is created. Throwing an error will 3311 * cause a transaction abort so we take extra care here to only error 3312 * when a readonly fs is a reasonable outcome. 3313 */ 3314 int btrfs_qgroup_inherit(struct btrfs_trans_handle *trans, u64 srcid, 3315 u64 objectid, u64 inode_rootid, 3316 struct btrfs_qgroup_inherit *inherit) 3317 { 3318 int ret = 0; 3319 u64 *i_qgroups; 3320 bool committing = false; 3321 struct btrfs_fs_info *fs_info = trans->fs_info; 3322 struct btrfs_root *quota_root; 3323 struct btrfs_qgroup *srcgroup; 3324 struct btrfs_qgroup *dstgroup; 3325 struct btrfs_qgroup *prealloc; 3326 struct btrfs_qgroup_list **qlist_prealloc = NULL; 3327 bool free_inherit = false; 3328 bool need_rescan = false; 3329 u32 level_size = 0; 3330 u64 nums; 3331 3332 prealloc = kzalloc(sizeof(*prealloc), GFP_NOFS); 3333 if (!prealloc) 3334 return -ENOMEM; 3335 3336 /* 3337 * There are only two callers of this function. 3338 * 3339 * One in create_subvol() in the ioctl context, which needs to hold 3340 * the qgroup_ioctl_lock. 3341 * 3342 * The other one in create_pending_snapshot() where no other qgroup 3343 * code can modify the fs as they all need to either start a new trans 3344 * or hold a trans handler, thus we don't need to hold 3345 * qgroup_ioctl_lock. 3346 * This would avoid long and complex lock chain and make lockdep happy. 3347 */ 3348 spin_lock(&fs_info->trans_lock); 3349 if (trans->transaction->state == TRANS_STATE_COMMIT_DOING) 3350 committing = true; 3351 spin_unlock(&fs_info->trans_lock); 3352 3353 if (!committing) 3354 mutex_lock(&fs_info->qgroup_ioctl_lock); 3355 if (!btrfs_qgroup_enabled(fs_info)) 3356 goto out; 3357 3358 quota_root = fs_info->quota_root; 3359 if (!quota_root) { 3360 ret = -EINVAL; 3361 goto out; 3362 } 3363 3364 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE && !inherit) { 3365 ret = qgroup_auto_inherit(fs_info, inode_rootid, &inherit); 3366 if (ret) 3367 goto out; 3368 free_inherit = true; 3369 } 3370 3371 if (inherit) { 3372 i_qgroups = (u64 *)(inherit + 1); 3373 nums = inherit->num_qgroups + 2 * inherit->num_ref_copies + 3374 2 * inherit->num_excl_copies; 3375 for (int i = 0; i < nums; i++) { 3376 srcgroup = find_qgroup_rb(fs_info, *i_qgroups); 3377 3378 /* 3379 * Zero out invalid groups so we can ignore 3380 * them later. 3381 */ 3382 if (!srcgroup || 3383 ((srcgroup->qgroupid >> 48) <= (objectid >> 48))) 3384 *i_qgroups = 0ULL; 3385 3386 ++i_qgroups; 3387 } 3388 } 3389 3390 /* 3391 * create a tracking group for the subvol itself 3392 */ 3393 ret = add_qgroup_item(trans, quota_root, objectid); 3394 if (ret) 3395 goto out; 3396 3397 /* 3398 * add qgroup to all inherited groups 3399 */ 3400 if (inherit) { 3401 i_qgroups = (u64 *)(inherit + 1); 3402 for (int i = 0; i < inherit->num_qgroups; i++, i_qgroups++) { 3403 if (*i_qgroups == 0) 3404 continue; 3405 ret = add_qgroup_relation_item(trans, objectid, 3406 *i_qgroups); 3407 if (ret && ret != -EEXIST) 3408 goto out; 3409 ret = add_qgroup_relation_item(trans, *i_qgroups, 3410 objectid); 3411 if (ret && ret != -EEXIST) 3412 goto out; 3413 } 3414 ret = 0; 3415 3416 qlist_prealloc = kcalloc(inherit->num_qgroups, 3417 sizeof(struct btrfs_qgroup_list *), 3418 GFP_NOFS); 3419 if (!qlist_prealloc) { 3420 ret = -ENOMEM; 3421 goto out; 3422 } 3423 for (int i = 0; i < inherit->num_qgroups; i++) { 3424 qlist_prealloc[i] = kzalloc(sizeof(struct btrfs_qgroup_list), 3425 GFP_NOFS); 3426 if (!qlist_prealloc[i]) { 3427 ret = -ENOMEM; 3428 goto out; 3429 } 3430 } 3431 } 3432 3433 spin_lock(&fs_info->qgroup_lock); 3434 3435 dstgroup = add_qgroup_rb(fs_info, prealloc, objectid); 3436 prealloc = NULL; 3437 3438 if (inherit && inherit->flags & BTRFS_QGROUP_INHERIT_SET_LIMITS) { 3439 dstgroup->lim_flags = inherit->lim.flags; 3440 dstgroup->max_rfer = inherit->lim.max_rfer; 3441 dstgroup->max_excl = inherit->lim.max_excl; 3442 dstgroup->rsv_rfer = inherit->lim.rsv_rfer; 3443 dstgroup->rsv_excl = inherit->lim.rsv_excl; 3444 3445 qgroup_dirty(fs_info, dstgroup); 3446 } 3447 3448 if (srcid && btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_FULL) { 3449 srcgroup = find_qgroup_rb(fs_info, srcid); 3450 if (!srcgroup) 3451 goto unlock; 3452 3453 /* 3454 * We call inherit after we clone the root in order to make sure 3455 * our counts don't go crazy, so at this point the only 3456 * difference between the two roots should be the root node. 3457 */ 3458 level_size = fs_info->nodesize; 3459 dstgroup->rfer = srcgroup->rfer; 3460 dstgroup->rfer_cmpr = srcgroup->rfer_cmpr; 3461 dstgroup->excl = level_size; 3462 dstgroup->excl_cmpr = level_size; 3463 srcgroup->excl = level_size; 3464 srcgroup->excl_cmpr = level_size; 3465 3466 /* inherit the limit info */ 3467 dstgroup->lim_flags = srcgroup->lim_flags; 3468 dstgroup->max_rfer = srcgroup->max_rfer; 3469 dstgroup->max_excl = srcgroup->max_excl; 3470 dstgroup->rsv_rfer = srcgroup->rsv_rfer; 3471 dstgroup->rsv_excl = srcgroup->rsv_excl; 3472 3473 qgroup_dirty(fs_info, dstgroup); 3474 qgroup_dirty(fs_info, srcgroup); 3475 3476 /* 3477 * If the source qgroup has parent but the new one doesn't, 3478 * we need a full rescan. 3479 */ 3480 if (!inherit && !list_empty(&srcgroup->groups)) 3481 need_rescan = true; 3482 } 3483 3484 if (!inherit) 3485 goto unlock; 3486 3487 i_qgroups = (u64 *)(inherit + 1); 3488 for (int i = 0; i < inherit->num_qgroups; i++) { 3489 if (*i_qgroups) { 3490 ret = add_relation_rb(fs_info, qlist_prealloc[i], objectid, 3491 *i_qgroups); 3492 qlist_prealloc[i] = NULL; 3493 if (ret) 3494 goto unlock; 3495 } 3496 if (srcid) { 3497 /* Check if we can do a quick inherit. */ 3498 ret = qgroup_snapshot_quick_inherit(fs_info, srcid, *i_qgroups); 3499 if (ret < 0) 3500 goto unlock; 3501 if (ret > 0) 3502 need_rescan = true; 3503 ret = 0; 3504 } 3505 ++i_qgroups; 3506 } 3507 3508 for (int i = 0; i < inherit->num_ref_copies; i++, i_qgroups += 2) { 3509 struct btrfs_qgroup *src; 3510 struct btrfs_qgroup *dst; 3511 3512 if (!i_qgroups[0] || !i_qgroups[1]) 3513 continue; 3514 3515 src = find_qgroup_rb(fs_info, i_qgroups[0]); 3516 dst = find_qgroup_rb(fs_info, i_qgroups[1]); 3517 3518 if (!src || !dst) { 3519 ret = -EINVAL; 3520 goto unlock; 3521 } 3522 3523 dst->rfer = src->rfer - level_size; 3524 dst->rfer_cmpr = src->rfer_cmpr - level_size; 3525 3526 /* Manually tweaking numbers certainly needs a rescan */ 3527 need_rescan = true; 3528 } 3529 for (int i = 0; i < inherit->num_excl_copies; i++, i_qgroups += 2) { 3530 struct btrfs_qgroup *src; 3531 struct btrfs_qgroup *dst; 3532 3533 if (!i_qgroups[0] || !i_qgroups[1]) 3534 continue; 3535 3536 src = find_qgroup_rb(fs_info, i_qgroups[0]); 3537 dst = find_qgroup_rb(fs_info, i_qgroups[1]); 3538 3539 if (!src || !dst) { 3540 ret = -EINVAL; 3541 goto unlock; 3542 } 3543 3544 dst->excl = src->excl + level_size; 3545 dst->excl_cmpr = src->excl_cmpr + level_size; 3546 need_rescan = true; 3547 } 3548 3549 unlock: 3550 spin_unlock(&fs_info->qgroup_lock); 3551 if (!ret) 3552 ret = btrfs_sysfs_add_one_qgroup(fs_info, dstgroup); 3553 out: 3554 if (!committing) 3555 mutex_unlock(&fs_info->qgroup_ioctl_lock); 3556 if (need_rescan) 3557 qgroup_mark_inconsistent(fs_info); 3558 if (qlist_prealloc) { 3559 for (int i = 0; i < inherit->num_qgroups; i++) 3560 kfree(qlist_prealloc[i]); 3561 kfree(qlist_prealloc); 3562 } 3563 if (free_inherit) 3564 kfree(inherit); 3565 kfree(prealloc); 3566 return ret; 3567 } 3568 3569 static bool qgroup_check_limits(const struct btrfs_qgroup *qg, u64 num_bytes) 3570 { 3571 if ((qg->lim_flags & BTRFS_QGROUP_LIMIT_MAX_RFER) && 3572 qgroup_rsv_total(qg) + (s64)qg->rfer + num_bytes > qg->max_rfer) 3573 return false; 3574 3575 if ((qg->lim_flags & BTRFS_QGROUP_LIMIT_MAX_EXCL) && 3576 qgroup_rsv_total(qg) + (s64)qg->excl + num_bytes > qg->max_excl) 3577 return false; 3578 3579 return true; 3580 } 3581 3582 static int qgroup_reserve(struct btrfs_root *root, u64 num_bytes, bool enforce, 3583 enum btrfs_qgroup_rsv_type type) 3584 { 3585 struct btrfs_qgroup *qgroup; 3586 struct btrfs_fs_info *fs_info = root->fs_info; 3587 u64 ref_root = btrfs_root_id(root); 3588 int ret = 0; 3589 LIST_HEAD(qgroup_list); 3590 3591 if (!is_fstree(ref_root)) 3592 return 0; 3593 3594 if (num_bytes == 0) 3595 return 0; 3596 3597 if (test_bit(BTRFS_FS_QUOTA_OVERRIDE, &fs_info->flags) && 3598 capable(CAP_SYS_RESOURCE)) 3599 enforce = false; 3600 3601 spin_lock(&fs_info->qgroup_lock); 3602 if (!fs_info->quota_root) 3603 goto out; 3604 3605 qgroup = find_qgroup_rb(fs_info, ref_root); 3606 if (!qgroup) 3607 goto out; 3608 3609 qgroup_iterator_add(&qgroup_list, qgroup); 3610 list_for_each_entry(qgroup, &qgroup_list, iterator) { 3611 struct btrfs_qgroup_list *glist; 3612 3613 if (enforce && !qgroup_check_limits(qgroup, num_bytes)) { 3614 ret = -EDQUOT; 3615 goto out; 3616 } 3617 3618 list_for_each_entry(glist, &qgroup->groups, next_group) 3619 qgroup_iterator_add(&qgroup_list, glist->group); 3620 } 3621 3622 ret = 0; 3623 /* 3624 * no limits exceeded, now record the reservation into all qgroups 3625 */ 3626 list_for_each_entry(qgroup, &qgroup_list, iterator) 3627 qgroup_rsv_add(fs_info, qgroup, num_bytes, type); 3628 3629 out: 3630 qgroup_iterator_clean(&qgroup_list); 3631 spin_unlock(&fs_info->qgroup_lock); 3632 return ret; 3633 } 3634 3635 /* 3636 * Free @num_bytes of reserved space with @type for qgroup. (Normally level 0 3637 * qgroup). 3638 * 3639 * Will handle all higher level qgroup too. 3640 * 3641 * NOTE: If @num_bytes is (u64)-1, this means to free all bytes of this qgroup. 3642 * This special case is only used for META_PERTRANS type. 3643 */ 3644 void btrfs_qgroup_free_refroot(struct btrfs_fs_info *fs_info, 3645 u64 ref_root, u64 num_bytes, 3646 enum btrfs_qgroup_rsv_type type) 3647 { 3648 struct btrfs_qgroup *qgroup; 3649 LIST_HEAD(qgroup_list); 3650 3651 if (!is_fstree(ref_root)) 3652 return; 3653 3654 if (num_bytes == 0) 3655 return; 3656 3657 if (num_bytes == (u64)-1 && type != BTRFS_QGROUP_RSV_META_PERTRANS) { 3658 WARN(1, "%s: Invalid type to free", __func__); 3659 return; 3660 } 3661 spin_lock(&fs_info->qgroup_lock); 3662 3663 if (!fs_info->quota_root) 3664 goto out; 3665 3666 qgroup = find_qgroup_rb(fs_info, ref_root); 3667 if (!qgroup) 3668 goto out; 3669 3670 if (num_bytes == (u64)-1) 3671 /* 3672 * We're freeing all pertrans rsv, get reserved value from 3673 * level 0 qgroup as real num_bytes to free. 3674 */ 3675 num_bytes = qgroup->rsv.values[type]; 3676 3677 qgroup_iterator_add(&qgroup_list, qgroup); 3678 list_for_each_entry(qgroup, &qgroup_list, iterator) { 3679 struct btrfs_qgroup_list *glist; 3680 3681 qgroup_rsv_release(fs_info, qgroup, num_bytes, type); 3682 list_for_each_entry(glist, &qgroup->groups, next_group) { 3683 qgroup_iterator_add(&qgroup_list, glist->group); 3684 } 3685 } 3686 out: 3687 qgroup_iterator_clean(&qgroup_list); 3688 spin_unlock(&fs_info->qgroup_lock); 3689 } 3690 3691 /* 3692 * Check if the leaf is the last leaf. Which means all node pointers 3693 * are at their last position. 3694 */ 3695 static bool is_last_leaf(struct btrfs_path *path) 3696 { 3697 int i; 3698 3699 for (i = 1; i < BTRFS_MAX_LEVEL && path->nodes[i]; i++) { 3700 if (path->slots[i] != btrfs_header_nritems(path->nodes[i]) - 1) 3701 return false; 3702 } 3703 return true; 3704 } 3705 3706 /* 3707 * returns < 0 on error, 0 when more leafs are to be scanned. 3708 * returns 1 when done. 3709 */ 3710 static int qgroup_rescan_leaf(struct btrfs_trans_handle *trans, 3711 struct btrfs_path *path) 3712 { 3713 struct btrfs_fs_info *fs_info = trans->fs_info; 3714 struct btrfs_root *extent_root; 3715 struct btrfs_key found; 3716 struct extent_buffer *scratch_leaf = NULL; 3717 u64 num_bytes; 3718 bool done; 3719 int slot; 3720 int ret; 3721 3722 if (!btrfs_qgroup_full_accounting(fs_info)) 3723 return 1; 3724 3725 mutex_lock(&fs_info->qgroup_rescan_lock); 3726 extent_root = btrfs_extent_root(fs_info, 3727 fs_info->qgroup_rescan_progress.objectid); 3728 ret = btrfs_search_slot_for_read(extent_root, 3729 &fs_info->qgroup_rescan_progress, 3730 path, 1, 0); 3731 3732 btrfs_debug(fs_info, 3733 "current progress key (%llu %u %llu), search_slot ret %d", 3734 fs_info->qgroup_rescan_progress.objectid, 3735 fs_info->qgroup_rescan_progress.type, 3736 fs_info->qgroup_rescan_progress.offset, ret); 3737 3738 if (ret) { 3739 /* 3740 * The rescan is about to end, we will not be scanning any 3741 * further blocks. We cannot unset the RESCAN flag here, because 3742 * we want to commit the transaction if everything went well. 3743 * To make the live accounting work in this phase, we set our 3744 * scan progress pointer such that every real extent objectid 3745 * will be smaller. 3746 */ 3747 fs_info->qgroup_rescan_progress.objectid = (u64)-1; 3748 btrfs_release_path(path); 3749 mutex_unlock(&fs_info->qgroup_rescan_lock); 3750 return ret; 3751 } 3752 done = is_last_leaf(path); 3753 3754 btrfs_item_key_to_cpu(path->nodes[0], &found, 3755 btrfs_header_nritems(path->nodes[0]) - 1); 3756 fs_info->qgroup_rescan_progress.objectid = found.objectid + 1; 3757 3758 scratch_leaf = btrfs_clone_extent_buffer(path->nodes[0]); 3759 if (!scratch_leaf) { 3760 ret = -ENOMEM; 3761 mutex_unlock(&fs_info->qgroup_rescan_lock); 3762 goto out; 3763 } 3764 slot = path->slots[0]; 3765 btrfs_release_path(path); 3766 mutex_unlock(&fs_info->qgroup_rescan_lock); 3767 3768 for (; slot < btrfs_header_nritems(scratch_leaf); ++slot) { 3769 struct btrfs_backref_walk_ctx ctx = { 0 }; 3770 3771 btrfs_item_key_to_cpu(scratch_leaf, &found, slot); 3772 if (found.type != BTRFS_EXTENT_ITEM_KEY && 3773 found.type != BTRFS_METADATA_ITEM_KEY) 3774 continue; 3775 if (found.type == BTRFS_METADATA_ITEM_KEY) 3776 num_bytes = fs_info->nodesize; 3777 else 3778 num_bytes = found.offset; 3779 3780 ctx.bytenr = found.objectid; 3781 ctx.fs_info = fs_info; 3782 3783 ret = btrfs_find_all_roots(&ctx, false); 3784 if (ret < 0) 3785 goto out; 3786 /* For rescan, just pass old_roots as NULL */ 3787 ret = btrfs_qgroup_account_extent(trans, found.objectid, 3788 num_bytes, NULL, ctx.roots); 3789 if (ret < 0) 3790 goto out; 3791 } 3792 out: 3793 if (scratch_leaf) 3794 free_extent_buffer(scratch_leaf); 3795 3796 if (done && !ret) { 3797 ret = 1; 3798 fs_info->qgroup_rescan_progress.objectid = (u64)-1; 3799 } 3800 return ret; 3801 } 3802 3803 static bool rescan_should_stop(struct btrfs_fs_info *fs_info) 3804 { 3805 if (btrfs_fs_closing(fs_info)) 3806 return true; 3807 if (test_bit(BTRFS_FS_STATE_REMOUNTING, &fs_info->fs_state)) 3808 return true; 3809 if (!btrfs_qgroup_enabled(fs_info)) 3810 return true; 3811 if (fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN) 3812 return true; 3813 return false; 3814 } 3815 3816 static void btrfs_qgroup_rescan_worker(struct btrfs_work *work) 3817 { 3818 struct btrfs_fs_info *fs_info = container_of(work, struct btrfs_fs_info, 3819 qgroup_rescan_work); 3820 struct btrfs_path *path; 3821 struct btrfs_trans_handle *trans = NULL; 3822 int ret = 0; 3823 bool stopped = false; 3824 bool did_leaf_rescans = false; 3825 3826 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE) 3827 return; 3828 3829 path = btrfs_alloc_path(); 3830 if (!path) { 3831 ret = -ENOMEM; 3832 goto out; 3833 } 3834 /* 3835 * Rescan should only search for commit root, and any later difference 3836 * should be recorded by qgroup 3837 */ 3838 path->search_commit_root = 1; 3839 path->skip_locking = 1; 3840 3841 while (!ret && !(stopped = rescan_should_stop(fs_info))) { 3842 trans = btrfs_start_transaction(fs_info->fs_root, 0); 3843 if (IS_ERR(trans)) { 3844 ret = PTR_ERR(trans); 3845 break; 3846 } 3847 3848 ret = qgroup_rescan_leaf(trans, path); 3849 did_leaf_rescans = true; 3850 3851 if (ret > 0) 3852 btrfs_commit_transaction(trans); 3853 else 3854 btrfs_end_transaction(trans); 3855 } 3856 3857 out: 3858 btrfs_free_path(path); 3859 3860 mutex_lock(&fs_info->qgroup_rescan_lock); 3861 if (ret > 0 && 3862 fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT) { 3863 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT; 3864 } else if (ret < 0 || stopped) { 3865 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT; 3866 } 3867 mutex_unlock(&fs_info->qgroup_rescan_lock); 3868 3869 /* 3870 * Only update status, since the previous part has already updated the 3871 * qgroup info, and only if we did any actual work. This also prevents 3872 * race with a concurrent quota disable, which has already set 3873 * fs_info->quota_root to NULL and cleared BTRFS_FS_QUOTA_ENABLED at 3874 * btrfs_quota_disable(). 3875 */ 3876 if (did_leaf_rescans) { 3877 trans = btrfs_start_transaction(fs_info->quota_root, 1); 3878 if (IS_ERR(trans)) { 3879 ret = PTR_ERR(trans); 3880 trans = NULL; 3881 btrfs_err(fs_info, 3882 "fail to start transaction for status update: %d", 3883 ret); 3884 } 3885 } else { 3886 trans = NULL; 3887 } 3888 3889 mutex_lock(&fs_info->qgroup_rescan_lock); 3890 if (!stopped || 3891 fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN) 3892 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_RESCAN; 3893 if (trans) { 3894 int ret2 = update_qgroup_status_item(trans); 3895 3896 if (ret2 < 0) { 3897 ret = ret2; 3898 btrfs_err(fs_info, "fail to update qgroup status: %d", ret); 3899 } 3900 } 3901 fs_info->qgroup_rescan_running = false; 3902 fs_info->qgroup_flags &= ~BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN; 3903 complete_all(&fs_info->qgroup_rescan_completion); 3904 mutex_unlock(&fs_info->qgroup_rescan_lock); 3905 3906 if (!trans) 3907 return; 3908 3909 btrfs_end_transaction(trans); 3910 3911 if (stopped) { 3912 btrfs_info(fs_info, "qgroup scan paused"); 3913 } else if (fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN) { 3914 btrfs_info(fs_info, "qgroup scan cancelled"); 3915 } else if (ret >= 0) { 3916 btrfs_info(fs_info, "qgroup scan completed%s", 3917 ret > 0 ? " (inconsistency flag cleared)" : ""); 3918 } else { 3919 btrfs_err(fs_info, "qgroup scan failed with %d", ret); 3920 } 3921 } 3922 3923 /* 3924 * Checks that (a) no rescan is running and (b) quota is enabled. Allocates all 3925 * memory required for the rescan context. 3926 */ 3927 static int 3928 qgroup_rescan_init(struct btrfs_fs_info *fs_info, u64 progress_objectid, 3929 int init_flags) 3930 { 3931 int ret = 0; 3932 3933 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE) { 3934 btrfs_warn(fs_info, "qgroup rescan init failed, running in simple mode"); 3935 return -EINVAL; 3936 } 3937 3938 if (!init_flags) { 3939 /* we're resuming qgroup rescan at mount time */ 3940 if (!(fs_info->qgroup_flags & 3941 BTRFS_QGROUP_STATUS_FLAG_RESCAN)) { 3942 btrfs_debug(fs_info, 3943 "qgroup rescan init failed, qgroup rescan is not queued"); 3944 ret = -EINVAL; 3945 } else if (!(fs_info->qgroup_flags & 3946 BTRFS_QGROUP_STATUS_FLAG_ON)) { 3947 btrfs_debug(fs_info, 3948 "qgroup rescan init failed, qgroup is not enabled"); 3949 ret = -ENOTCONN; 3950 } 3951 3952 if (ret) 3953 return ret; 3954 } 3955 3956 mutex_lock(&fs_info->qgroup_rescan_lock); 3957 3958 if (init_flags) { 3959 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN) { 3960 ret = -EINPROGRESS; 3961 } else if (!(fs_info->qgroup_flags & 3962 BTRFS_QGROUP_STATUS_FLAG_ON)) { 3963 btrfs_debug(fs_info, 3964 "qgroup rescan init failed, qgroup is not enabled"); 3965 ret = -ENOTCONN; 3966 } else if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED) { 3967 /* Quota disable is in progress */ 3968 ret = -EBUSY; 3969 } 3970 3971 if (ret) { 3972 mutex_unlock(&fs_info->qgroup_rescan_lock); 3973 return ret; 3974 } 3975 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_RESCAN; 3976 } 3977 3978 memset(&fs_info->qgroup_rescan_progress, 0, 3979 sizeof(fs_info->qgroup_rescan_progress)); 3980 fs_info->qgroup_flags &= ~(BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN | 3981 BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING); 3982 fs_info->qgroup_rescan_progress.objectid = progress_objectid; 3983 init_completion(&fs_info->qgroup_rescan_completion); 3984 mutex_unlock(&fs_info->qgroup_rescan_lock); 3985 3986 btrfs_init_work(&fs_info->qgroup_rescan_work, 3987 btrfs_qgroup_rescan_worker, NULL); 3988 return 0; 3989 } 3990 3991 static void 3992 qgroup_rescan_zero_tracking(struct btrfs_fs_info *fs_info) 3993 { 3994 struct rb_node *n; 3995 struct btrfs_qgroup *qgroup; 3996 3997 spin_lock(&fs_info->qgroup_lock); 3998 /* clear all current qgroup tracking information */ 3999 for (n = rb_first(&fs_info->qgroup_tree); n; n = rb_next(n)) { 4000 qgroup = rb_entry(n, struct btrfs_qgroup, node); 4001 qgroup->rfer = 0; 4002 qgroup->rfer_cmpr = 0; 4003 qgroup->excl = 0; 4004 qgroup->excl_cmpr = 0; 4005 qgroup_dirty(fs_info, qgroup); 4006 } 4007 spin_unlock(&fs_info->qgroup_lock); 4008 } 4009 4010 int 4011 btrfs_qgroup_rescan(struct btrfs_fs_info *fs_info) 4012 { 4013 int ret = 0; 4014 4015 ret = qgroup_rescan_init(fs_info, 0, 1); 4016 if (ret) 4017 return ret; 4018 4019 /* 4020 * We have set the rescan_progress to 0, which means no more 4021 * delayed refs will be accounted by btrfs_qgroup_account_ref. 4022 * However, btrfs_qgroup_account_ref may be right after its call 4023 * to btrfs_find_all_roots, in which case it would still do the 4024 * accounting. 4025 * To solve this, we're committing the transaction, which will 4026 * ensure we run all delayed refs and only after that, we are 4027 * going to clear all tracking information for a clean start. 4028 */ 4029 4030 ret = btrfs_commit_current_transaction(fs_info->fs_root); 4031 if (ret) { 4032 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_RESCAN; 4033 return ret; 4034 } 4035 4036 qgroup_rescan_zero_tracking(fs_info); 4037 4038 mutex_lock(&fs_info->qgroup_rescan_lock); 4039 fs_info->qgroup_rescan_running = true; 4040 btrfs_queue_work(fs_info->qgroup_rescan_workers, 4041 &fs_info->qgroup_rescan_work); 4042 mutex_unlock(&fs_info->qgroup_rescan_lock); 4043 4044 return 0; 4045 } 4046 4047 int btrfs_qgroup_wait_for_completion(struct btrfs_fs_info *fs_info, 4048 bool interruptible) 4049 { 4050 int running; 4051 int ret = 0; 4052 4053 mutex_lock(&fs_info->qgroup_rescan_lock); 4054 running = fs_info->qgroup_rescan_running; 4055 mutex_unlock(&fs_info->qgroup_rescan_lock); 4056 4057 if (!running) 4058 return 0; 4059 4060 if (interruptible) 4061 ret = wait_for_completion_interruptible( 4062 &fs_info->qgroup_rescan_completion); 4063 else 4064 wait_for_completion(&fs_info->qgroup_rescan_completion); 4065 4066 return ret; 4067 } 4068 4069 /* 4070 * this is only called from open_ctree where we're still single threaded, thus 4071 * locking is omitted here. 4072 */ 4073 void 4074 btrfs_qgroup_rescan_resume(struct btrfs_fs_info *fs_info) 4075 { 4076 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN) { 4077 mutex_lock(&fs_info->qgroup_rescan_lock); 4078 fs_info->qgroup_rescan_running = true; 4079 btrfs_queue_work(fs_info->qgroup_rescan_workers, 4080 &fs_info->qgroup_rescan_work); 4081 mutex_unlock(&fs_info->qgroup_rescan_lock); 4082 } 4083 } 4084 4085 #define rbtree_iterate_from_safe(node, next, start) \ 4086 for (node = start; node && ({ next = rb_next(node); 1;}); node = next) 4087 4088 static int qgroup_unreserve_range(struct btrfs_inode *inode, 4089 struct extent_changeset *reserved, u64 start, 4090 u64 len) 4091 { 4092 struct rb_node *node; 4093 struct rb_node *next; 4094 struct ulist_node *entry; 4095 int ret = 0; 4096 4097 node = reserved->range_changed.root.rb_node; 4098 if (!node) 4099 return 0; 4100 while (node) { 4101 entry = rb_entry(node, struct ulist_node, rb_node); 4102 if (entry->val < start) 4103 node = node->rb_right; 4104 else 4105 node = node->rb_left; 4106 } 4107 4108 if (entry->val > start && rb_prev(&entry->rb_node)) 4109 entry = rb_entry(rb_prev(&entry->rb_node), struct ulist_node, 4110 rb_node); 4111 4112 rbtree_iterate_from_safe(node, next, &entry->rb_node) { 4113 u64 entry_start; 4114 u64 entry_end; 4115 u64 entry_len; 4116 int clear_ret; 4117 4118 entry = rb_entry(node, struct ulist_node, rb_node); 4119 entry_start = entry->val; 4120 entry_end = entry->aux; 4121 entry_len = entry_end - entry_start + 1; 4122 4123 if (entry_start >= start + len) 4124 break; 4125 if (entry_start + entry_len <= start) 4126 continue; 4127 /* 4128 * Now the entry is in [start, start + len), revert the 4129 * EXTENT_QGROUP_RESERVED bit. 4130 */ 4131 clear_ret = btrfs_clear_extent_bits(&inode->io_tree, entry_start, 4132 entry_end, EXTENT_QGROUP_RESERVED); 4133 if (!ret && clear_ret < 0) 4134 ret = clear_ret; 4135 4136 ulist_del(&reserved->range_changed, entry->val, entry->aux); 4137 if (likely(reserved->bytes_changed >= entry_len)) { 4138 reserved->bytes_changed -= entry_len; 4139 } else { 4140 WARN_ON(1); 4141 reserved->bytes_changed = 0; 4142 } 4143 } 4144 4145 return ret; 4146 } 4147 4148 /* 4149 * Try to free some space for qgroup. 4150 * 4151 * For qgroup, there are only 3 ways to free qgroup space: 4152 * - Flush nodatacow write 4153 * Any nodatacow write will free its reserved data space at run_delalloc_range(). 4154 * In theory, we should only flush nodatacow inodes, but it's not yet 4155 * possible, so we need to flush the whole root. 4156 * 4157 * - Wait for ordered extents 4158 * When ordered extents are finished, their reserved metadata is finally 4159 * converted to per_trans status, which can be freed by later commit 4160 * transaction. 4161 * 4162 * - Commit transaction 4163 * This would free the meta_per_trans space. 4164 * In theory this shouldn't provide much space, but any more qgroup space 4165 * is needed. 4166 */ 4167 static int try_flush_qgroup(struct btrfs_root *root) 4168 { 4169 int ret; 4170 4171 /* Can't hold an open transaction or we run the risk of deadlocking. */ 4172 ASSERT(current->journal_info == NULL); 4173 if (WARN_ON(current->journal_info)) 4174 return 0; 4175 4176 /* 4177 * We don't want to run flush again and again, so if there is a running 4178 * one, we won't try to start a new flush, but exit directly. 4179 */ 4180 if (test_and_set_bit(BTRFS_ROOT_QGROUP_FLUSHING, &root->state)) { 4181 wait_event(root->qgroup_flush_wait, 4182 !test_bit(BTRFS_ROOT_QGROUP_FLUSHING, &root->state)); 4183 return 0; 4184 } 4185 4186 ret = btrfs_start_delalloc_snapshot(root, true); 4187 if (ret < 0) 4188 goto out; 4189 btrfs_wait_ordered_extents(root, U64_MAX, NULL); 4190 4191 /* 4192 * After waiting for ordered extents run delayed iputs in order to free 4193 * space from unlinked files before committing the current transaction, 4194 * as ordered extents may have been holding the last reference of an 4195 * inode and they add a delayed iput when they complete. 4196 */ 4197 btrfs_run_delayed_iputs(root->fs_info); 4198 btrfs_wait_on_delayed_iputs(root->fs_info); 4199 4200 ret = btrfs_commit_current_transaction(root); 4201 out: 4202 clear_bit(BTRFS_ROOT_QGROUP_FLUSHING, &root->state); 4203 wake_up(&root->qgroup_flush_wait); 4204 return ret; 4205 } 4206 4207 static int qgroup_reserve_data(struct btrfs_inode *inode, 4208 struct extent_changeset **reserved_ret, u64 start, 4209 u64 len) 4210 { 4211 struct btrfs_root *root = inode->root; 4212 struct extent_changeset *reserved; 4213 bool new_reserved = false; 4214 u64 orig_reserved; 4215 u64 to_reserve; 4216 int ret; 4217 4218 if (btrfs_qgroup_mode(root->fs_info) == BTRFS_QGROUP_MODE_DISABLED || 4219 !is_fstree(btrfs_root_id(root)) || len == 0) 4220 return 0; 4221 4222 /* @reserved parameter is mandatory for qgroup */ 4223 if (WARN_ON(!reserved_ret)) 4224 return -EINVAL; 4225 if (!*reserved_ret) { 4226 new_reserved = true; 4227 *reserved_ret = extent_changeset_alloc(); 4228 if (!*reserved_ret) 4229 return -ENOMEM; 4230 } 4231 reserved = *reserved_ret; 4232 /* Record already reserved space */ 4233 orig_reserved = reserved->bytes_changed; 4234 ret = btrfs_set_record_extent_bits(&inode->io_tree, start, 4235 start + len - 1, EXTENT_QGROUP_RESERVED, 4236 reserved); 4237 4238 /* Newly reserved space */ 4239 to_reserve = reserved->bytes_changed - orig_reserved; 4240 trace_btrfs_qgroup_reserve_data(&inode->vfs_inode, start, len, 4241 to_reserve, QGROUP_RESERVE); 4242 if (ret < 0) 4243 goto out; 4244 ret = qgroup_reserve(root, to_reserve, true, BTRFS_QGROUP_RSV_DATA); 4245 if (ret < 0) 4246 goto cleanup; 4247 4248 return ret; 4249 4250 cleanup: 4251 qgroup_unreserve_range(inode, reserved, start, len); 4252 out: 4253 if (new_reserved) { 4254 extent_changeset_free(reserved); 4255 *reserved_ret = NULL; 4256 } 4257 return ret; 4258 } 4259 4260 /* 4261 * Reserve qgroup space for range [start, start + len). 4262 * 4263 * This function will either reserve space from related qgroups or do nothing 4264 * if the range is already reserved. 4265 * 4266 * Return 0 for successful reservation 4267 * Return <0 for error (including -EQUOT) 4268 * 4269 * NOTE: This function may sleep for memory allocation, dirty page flushing and 4270 * commit transaction. So caller should not hold any dirty page locked. 4271 */ 4272 int btrfs_qgroup_reserve_data(struct btrfs_inode *inode, 4273 struct extent_changeset **reserved_ret, u64 start, 4274 u64 len) 4275 { 4276 int ret; 4277 4278 ret = qgroup_reserve_data(inode, reserved_ret, start, len); 4279 if (ret <= 0 && ret != -EDQUOT) 4280 return ret; 4281 4282 ret = try_flush_qgroup(inode->root); 4283 if (ret < 0) 4284 return ret; 4285 return qgroup_reserve_data(inode, reserved_ret, start, len); 4286 } 4287 4288 /* Free ranges specified by @reserved, normally in error path */ 4289 static int qgroup_free_reserved_data(struct btrfs_inode *inode, 4290 struct extent_changeset *reserved, 4291 u64 start, u64 len, u64 *freed_ret) 4292 { 4293 struct btrfs_root *root = inode->root; 4294 struct ulist_node *unode; 4295 struct ulist_iterator uiter; 4296 struct extent_changeset changeset; 4297 u64 freed = 0; 4298 int ret; 4299 4300 extent_changeset_init(&changeset); 4301 len = round_up(start + len, root->fs_info->sectorsize); 4302 start = round_down(start, root->fs_info->sectorsize); 4303 4304 ULIST_ITER_INIT(&uiter); 4305 while ((unode = ulist_next(&reserved->range_changed, &uiter))) { 4306 u64 range_start = unode->val; 4307 /* unode->aux is the inclusive end */ 4308 u64 range_len = unode->aux - range_start + 1; 4309 u64 free_start; 4310 u64 free_len; 4311 4312 extent_changeset_release(&changeset); 4313 4314 /* Only free range in range [start, start + len) */ 4315 if (range_start >= start + len || 4316 range_start + range_len <= start) 4317 continue; 4318 free_start = max(range_start, start); 4319 free_len = min(start + len, range_start + range_len) - 4320 free_start; 4321 /* 4322 * TODO: To also modify reserved->ranges_reserved to reflect 4323 * the modification. 4324 * 4325 * However as long as we free qgroup reserved according to 4326 * EXTENT_QGROUP_RESERVED, we won't double free. 4327 * So not need to rush. 4328 */ 4329 ret = btrfs_clear_record_extent_bits(&inode->io_tree, free_start, 4330 free_start + free_len - 1, 4331 EXTENT_QGROUP_RESERVED, 4332 &changeset); 4333 if (ret < 0) 4334 goto out; 4335 freed += changeset.bytes_changed; 4336 } 4337 btrfs_qgroup_free_refroot(root->fs_info, btrfs_root_id(root), freed, 4338 BTRFS_QGROUP_RSV_DATA); 4339 if (freed_ret) 4340 *freed_ret = freed; 4341 ret = 0; 4342 out: 4343 extent_changeset_release(&changeset); 4344 return ret; 4345 } 4346 4347 static int __btrfs_qgroup_release_data(struct btrfs_inode *inode, 4348 struct extent_changeset *reserved, u64 start, u64 len, 4349 u64 *released, int free) 4350 { 4351 struct extent_changeset changeset; 4352 int trace_op = QGROUP_RELEASE; 4353 int ret; 4354 4355 if (btrfs_qgroup_mode(inode->root->fs_info) == BTRFS_QGROUP_MODE_DISABLED) { 4356 return btrfs_clear_record_extent_bits(&inode->io_tree, start, 4357 start + len - 1, 4358 EXTENT_QGROUP_RESERVED, NULL); 4359 } 4360 4361 /* In release case, we shouldn't have @reserved */ 4362 WARN_ON(!free && reserved); 4363 if (free && reserved) 4364 return qgroup_free_reserved_data(inode, reserved, start, len, released); 4365 extent_changeset_init(&changeset); 4366 ret = btrfs_clear_record_extent_bits(&inode->io_tree, start, start + len - 1, 4367 EXTENT_QGROUP_RESERVED, &changeset); 4368 if (ret < 0) 4369 goto out; 4370 4371 if (free) 4372 trace_op = QGROUP_FREE; 4373 trace_btrfs_qgroup_release_data(&inode->vfs_inode, start, len, 4374 changeset.bytes_changed, trace_op); 4375 if (free) 4376 btrfs_qgroup_free_refroot(inode->root->fs_info, 4377 btrfs_root_id(inode->root), 4378 changeset.bytes_changed, BTRFS_QGROUP_RSV_DATA); 4379 if (released) 4380 *released = changeset.bytes_changed; 4381 out: 4382 extent_changeset_release(&changeset); 4383 return ret; 4384 } 4385 4386 /* 4387 * Free a reserved space range from io_tree and related qgroups 4388 * 4389 * Should be called when a range of pages get invalidated before reaching disk. 4390 * Or for error cleanup case. 4391 * if @reserved is given, only reserved range in [@start, @start + @len) will 4392 * be freed. 4393 * 4394 * For data written to disk, use btrfs_qgroup_release_data(). 4395 * 4396 * NOTE: This function may sleep for memory allocation. 4397 */ 4398 int btrfs_qgroup_free_data(struct btrfs_inode *inode, 4399 struct extent_changeset *reserved, 4400 u64 start, u64 len, u64 *freed) 4401 { 4402 return __btrfs_qgroup_release_data(inode, reserved, start, len, freed, 1); 4403 } 4404 4405 /* 4406 * Release a reserved space range from io_tree only. 4407 * 4408 * Should be called when a range of pages get written to disk and corresponding 4409 * FILE_EXTENT is inserted into corresponding root. 4410 * 4411 * Since new qgroup accounting framework will only update qgroup numbers at 4412 * commit_transaction() time, its reserved space shouldn't be freed from 4413 * related qgroups. 4414 * 4415 * But we should release the range from io_tree, to allow further write to be 4416 * COWed. 4417 * 4418 * NOTE: This function may sleep for memory allocation. 4419 */ 4420 int btrfs_qgroup_release_data(struct btrfs_inode *inode, u64 start, u64 len, u64 *released) 4421 { 4422 return __btrfs_qgroup_release_data(inode, NULL, start, len, released, 0); 4423 } 4424 4425 static void add_root_meta_rsv(struct btrfs_root *root, int num_bytes, 4426 enum btrfs_qgroup_rsv_type type) 4427 { 4428 if (type != BTRFS_QGROUP_RSV_META_PREALLOC && 4429 type != BTRFS_QGROUP_RSV_META_PERTRANS) 4430 return; 4431 if (num_bytes == 0) 4432 return; 4433 4434 spin_lock(&root->qgroup_meta_rsv_lock); 4435 if (type == BTRFS_QGROUP_RSV_META_PREALLOC) 4436 root->qgroup_meta_rsv_prealloc += num_bytes; 4437 else 4438 root->qgroup_meta_rsv_pertrans += num_bytes; 4439 spin_unlock(&root->qgroup_meta_rsv_lock); 4440 } 4441 4442 static int sub_root_meta_rsv(struct btrfs_root *root, int num_bytes, 4443 enum btrfs_qgroup_rsv_type type) 4444 { 4445 if (type != BTRFS_QGROUP_RSV_META_PREALLOC && 4446 type != BTRFS_QGROUP_RSV_META_PERTRANS) 4447 return 0; 4448 if (num_bytes == 0) 4449 return 0; 4450 4451 spin_lock(&root->qgroup_meta_rsv_lock); 4452 if (type == BTRFS_QGROUP_RSV_META_PREALLOC) { 4453 num_bytes = min_t(u64, root->qgroup_meta_rsv_prealloc, 4454 num_bytes); 4455 root->qgroup_meta_rsv_prealloc -= num_bytes; 4456 } else { 4457 num_bytes = min_t(u64, root->qgroup_meta_rsv_pertrans, 4458 num_bytes); 4459 root->qgroup_meta_rsv_pertrans -= num_bytes; 4460 } 4461 spin_unlock(&root->qgroup_meta_rsv_lock); 4462 return num_bytes; 4463 } 4464 4465 int btrfs_qgroup_reserve_meta(struct btrfs_root *root, int num_bytes, 4466 enum btrfs_qgroup_rsv_type type, bool enforce) 4467 { 4468 struct btrfs_fs_info *fs_info = root->fs_info; 4469 int ret; 4470 4471 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED || 4472 !is_fstree(btrfs_root_id(root)) || num_bytes == 0) 4473 return 0; 4474 4475 BUG_ON(num_bytes != round_down(num_bytes, fs_info->nodesize)); 4476 trace_btrfs_qgroup_meta_reserve(root, (s64)num_bytes, type); 4477 ret = qgroup_reserve(root, num_bytes, enforce, type); 4478 if (ret < 0) 4479 return ret; 4480 /* 4481 * Record what we have reserved into root. 4482 * 4483 * To avoid quota disabled->enabled underflow. 4484 * In that case, we may try to free space we haven't reserved 4485 * (since quota was disabled), so record what we reserved into root. 4486 * And ensure later release won't underflow this number. 4487 */ 4488 add_root_meta_rsv(root, num_bytes, type); 4489 return ret; 4490 } 4491 4492 int __btrfs_qgroup_reserve_meta(struct btrfs_root *root, int num_bytes, 4493 enum btrfs_qgroup_rsv_type type, bool enforce, 4494 bool noflush) 4495 { 4496 int ret; 4497 4498 ret = btrfs_qgroup_reserve_meta(root, num_bytes, type, enforce); 4499 if ((ret <= 0 && ret != -EDQUOT) || noflush) 4500 return ret; 4501 4502 ret = try_flush_qgroup(root); 4503 if (ret < 0) 4504 return ret; 4505 return btrfs_qgroup_reserve_meta(root, num_bytes, type, enforce); 4506 } 4507 4508 /* 4509 * Per-transaction meta reservation should be all freed at transaction commit 4510 * time 4511 */ 4512 void btrfs_qgroup_free_meta_all_pertrans(struct btrfs_root *root) 4513 { 4514 struct btrfs_fs_info *fs_info = root->fs_info; 4515 4516 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED || 4517 !is_fstree(btrfs_root_id(root))) 4518 return; 4519 4520 /* TODO: Update trace point to handle such free */ 4521 trace_btrfs_qgroup_meta_free_all_pertrans(root); 4522 /* Special value -1 means to free all reserved space */ 4523 btrfs_qgroup_free_refroot(fs_info, btrfs_root_id(root), (u64)-1, 4524 BTRFS_QGROUP_RSV_META_PERTRANS); 4525 } 4526 4527 void __btrfs_qgroup_free_meta(struct btrfs_root *root, int num_bytes, 4528 enum btrfs_qgroup_rsv_type type) 4529 { 4530 struct btrfs_fs_info *fs_info = root->fs_info; 4531 4532 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED || 4533 !is_fstree(btrfs_root_id(root))) 4534 return; 4535 4536 /* 4537 * reservation for META_PREALLOC can happen before quota is enabled, 4538 * which can lead to underflow. 4539 * Here ensure we will only free what we really have reserved. 4540 */ 4541 num_bytes = sub_root_meta_rsv(root, num_bytes, type); 4542 BUG_ON(num_bytes != round_down(num_bytes, fs_info->nodesize)); 4543 trace_btrfs_qgroup_meta_reserve(root, -(s64)num_bytes, type); 4544 btrfs_qgroup_free_refroot(fs_info, btrfs_root_id(root), num_bytes, type); 4545 } 4546 4547 static void qgroup_convert_meta(struct btrfs_fs_info *fs_info, u64 ref_root, 4548 int num_bytes) 4549 { 4550 struct btrfs_qgroup *qgroup; 4551 LIST_HEAD(qgroup_list); 4552 4553 if (num_bytes == 0) 4554 return; 4555 if (!fs_info->quota_root) 4556 return; 4557 4558 spin_lock(&fs_info->qgroup_lock); 4559 qgroup = find_qgroup_rb(fs_info, ref_root); 4560 if (!qgroup) 4561 goto out; 4562 4563 qgroup_iterator_add(&qgroup_list, qgroup); 4564 list_for_each_entry(qgroup, &qgroup_list, iterator) { 4565 struct btrfs_qgroup_list *glist; 4566 4567 qgroup_rsv_release(fs_info, qgroup, num_bytes, 4568 BTRFS_QGROUP_RSV_META_PREALLOC); 4569 if (!sb_rdonly(fs_info->sb)) 4570 qgroup_rsv_add(fs_info, qgroup, num_bytes, 4571 BTRFS_QGROUP_RSV_META_PERTRANS); 4572 4573 list_for_each_entry(glist, &qgroup->groups, next_group) 4574 qgroup_iterator_add(&qgroup_list, glist->group); 4575 } 4576 out: 4577 qgroup_iterator_clean(&qgroup_list); 4578 spin_unlock(&fs_info->qgroup_lock); 4579 } 4580 4581 /* 4582 * Convert @num_bytes of META_PREALLOCATED reservation to META_PERTRANS. 4583 * 4584 * This is called when preallocated meta reservation needs to be used. 4585 * Normally after btrfs_join_transaction() call. 4586 */ 4587 void btrfs_qgroup_convert_reserved_meta(struct btrfs_root *root, int num_bytes) 4588 { 4589 struct btrfs_fs_info *fs_info = root->fs_info; 4590 4591 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED || 4592 !is_fstree(btrfs_root_id(root))) 4593 return; 4594 /* Same as btrfs_qgroup_free_meta_prealloc() */ 4595 num_bytes = sub_root_meta_rsv(root, num_bytes, 4596 BTRFS_QGROUP_RSV_META_PREALLOC); 4597 trace_btrfs_qgroup_meta_convert(root, num_bytes); 4598 qgroup_convert_meta(fs_info, btrfs_root_id(root), num_bytes); 4599 if (!sb_rdonly(fs_info->sb)) 4600 add_root_meta_rsv(root, num_bytes, BTRFS_QGROUP_RSV_META_PERTRANS); 4601 } 4602 4603 /* 4604 * Check qgroup reserved space leaking, normally at destroy inode 4605 * time 4606 */ 4607 void btrfs_qgroup_check_reserved_leak(struct btrfs_inode *inode) 4608 { 4609 struct extent_changeset changeset; 4610 struct ulist_node *unode; 4611 struct ulist_iterator iter; 4612 int ret; 4613 4614 extent_changeset_init(&changeset); 4615 ret = btrfs_clear_record_extent_bits(&inode->io_tree, 0, (u64)-1, 4616 EXTENT_QGROUP_RESERVED, &changeset); 4617 4618 WARN_ON(ret < 0); 4619 if (WARN_ON(changeset.bytes_changed)) { 4620 ULIST_ITER_INIT(&iter); 4621 while ((unode = ulist_next(&changeset.range_changed, &iter))) { 4622 btrfs_warn(inode->root->fs_info, 4623 "leaking qgroup reserved space, ino: %llu, start: %llu, end: %llu", 4624 btrfs_ino(inode), unode->val, unode->aux); 4625 } 4626 btrfs_qgroup_free_refroot(inode->root->fs_info, 4627 btrfs_root_id(inode->root), 4628 changeset.bytes_changed, BTRFS_QGROUP_RSV_DATA); 4629 4630 } 4631 extent_changeset_release(&changeset); 4632 } 4633 4634 void btrfs_qgroup_init_swapped_blocks( 4635 struct btrfs_qgroup_swapped_blocks *swapped_blocks) 4636 { 4637 int i; 4638 4639 spin_lock_init(&swapped_blocks->lock); 4640 for (i = 0; i < BTRFS_MAX_LEVEL; i++) 4641 swapped_blocks->blocks[i] = RB_ROOT; 4642 swapped_blocks->swapped = false; 4643 } 4644 4645 /* 4646 * Delete all swapped blocks record of @root. 4647 * Every record here means we skipped a full subtree scan for qgroup. 4648 * 4649 * Gets called when committing one transaction. 4650 */ 4651 void btrfs_qgroup_clean_swapped_blocks(struct btrfs_root *root) 4652 { 4653 struct btrfs_qgroup_swapped_blocks *swapped_blocks; 4654 int i; 4655 4656 swapped_blocks = &root->swapped_blocks; 4657 4658 spin_lock(&swapped_blocks->lock); 4659 if (!swapped_blocks->swapped) 4660 goto out; 4661 for (i = 0; i < BTRFS_MAX_LEVEL; i++) { 4662 struct rb_root *cur_root = &swapped_blocks->blocks[i]; 4663 struct btrfs_qgroup_swapped_block *entry; 4664 struct btrfs_qgroup_swapped_block *next; 4665 4666 rbtree_postorder_for_each_entry_safe(entry, next, cur_root, 4667 node) 4668 kfree(entry); 4669 swapped_blocks->blocks[i] = RB_ROOT; 4670 } 4671 swapped_blocks->swapped = false; 4672 out: 4673 spin_unlock(&swapped_blocks->lock); 4674 } 4675 4676 /* 4677 * Add subtree roots record into @subvol_root. 4678 * 4679 * @subvol_root: tree root of the subvolume tree get swapped 4680 * @bg: block group under balance 4681 * @subvol_parent/slot: pointer to the subtree root in subvolume tree 4682 * @reloc_parent/slot: pointer to the subtree root in reloc tree 4683 * BOTH POINTERS ARE BEFORE TREE SWAP 4684 * @last_snapshot: last snapshot generation of the subvolume tree 4685 */ 4686 int btrfs_qgroup_add_swapped_blocks(struct btrfs_root *subvol_root, 4687 struct btrfs_block_group *bg, 4688 struct extent_buffer *subvol_parent, int subvol_slot, 4689 struct extent_buffer *reloc_parent, int reloc_slot, 4690 u64 last_snapshot) 4691 { 4692 struct btrfs_fs_info *fs_info = subvol_root->fs_info; 4693 struct btrfs_qgroup_swapped_blocks *blocks = &subvol_root->swapped_blocks; 4694 struct btrfs_qgroup_swapped_block *block; 4695 struct rb_node **cur; 4696 struct rb_node *parent = NULL; 4697 int level = btrfs_header_level(subvol_parent) - 1; 4698 int ret = 0; 4699 4700 if (!btrfs_qgroup_full_accounting(fs_info)) 4701 return 0; 4702 4703 if (btrfs_node_ptr_generation(subvol_parent, subvol_slot) > 4704 btrfs_node_ptr_generation(reloc_parent, reloc_slot)) { 4705 btrfs_err_rl(fs_info, 4706 "%s: bad parameter order, subvol_gen=%llu reloc_gen=%llu", 4707 __func__, 4708 btrfs_node_ptr_generation(subvol_parent, subvol_slot), 4709 btrfs_node_ptr_generation(reloc_parent, reloc_slot)); 4710 return -EUCLEAN; 4711 } 4712 4713 block = kmalloc(sizeof(*block), GFP_NOFS); 4714 if (!block) { 4715 ret = -ENOMEM; 4716 goto out; 4717 } 4718 4719 /* 4720 * @reloc_parent/slot is still before swap, while @block is going to 4721 * record the bytenr after swap, so we do the swap here. 4722 */ 4723 block->subvol_bytenr = btrfs_node_blockptr(reloc_parent, reloc_slot); 4724 block->subvol_generation = btrfs_node_ptr_generation(reloc_parent, 4725 reloc_slot); 4726 block->reloc_bytenr = btrfs_node_blockptr(subvol_parent, subvol_slot); 4727 block->reloc_generation = btrfs_node_ptr_generation(subvol_parent, 4728 subvol_slot); 4729 block->last_snapshot = last_snapshot; 4730 block->level = level; 4731 4732 /* 4733 * If we have bg == NULL, we're called from btrfs_recover_relocation(), 4734 * no one else can modify tree blocks thus we qgroup will not change 4735 * no matter the value of trace_leaf. 4736 */ 4737 if (bg && bg->flags & BTRFS_BLOCK_GROUP_DATA) 4738 block->trace_leaf = true; 4739 else 4740 block->trace_leaf = false; 4741 btrfs_node_key_to_cpu(reloc_parent, &block->first_key, reloc_slot); 4742 4743 /* Insert @block into @blocks */ 4744 spin_lock(&blocks->lock); 4745 cur = &blocks->blocks[level].rb_node; 4746 while (*cur) { 4747 struct btrfs_qgroup_swapped_block *entry; 4748 4749 parent = *cur; 4750 entry = rb_entry(parent, struct btrfs_qgroup_swapped_block, 4751 node); 4752 4753 if (entry->subvol_bytenr < block->subvol_bytenr) { 4754 cur = &(*cur)->rb_left; 4755 } else if (entry->subvol_bytenr > block->subvol_bytenr) { 4756 cur = &(*cur)->rb_right; 4757 } else { 4758 if (entry->subvol_generation != 4759 block->subvol_generation || 4760 entry->reloc_bytenr != block->reloc_bytenr || 4761 entry->reloc_generation != 4762 block->reloc_generation) { 4763 /* 4764 * Duplicated but mismatch entry found. 4765 * Shouldn't happen. 4766 * 4767 * Marking qgroup inconsistent should be enough 4768 * for end users. 4769 */ 4770 DEBUG_WARN("duplicated but mismatched entry found"); 4771 ret = -EEXIST; 4772 } 4773 kfree(block); 4774 goto out_unlock; 4775 } 4776 } 4777 rb_link_node(&block->node, parent, cur); 4778 rb_insert_color(&block->node, &blocks->blocks[level]); 4779 blocks->swapped = true; 4780 out_unlock: 4781 spin_unlock(&blocks->lock); 4782 out: 4783 if (ret < 0) 4784 qgroup_mark_inconsistent(fs_info); 4785 return ret; 4786 } 4787 4788 /* 4789 * Check if the tree block is a subtree root, and if so do the needed 4790 * delayed subtree trace for qgroup. 4791 * 4792 * This is called during btrfs_cow_block(). 4793 */ 4794 int btrfs_qgroup_trace_subtree_after_cow(struct btrfs_trans_handle *trans, 4795 struct btrfs_root *root, 4796 struct extent_buffer *subvol_eb) 4797 { 4798 struct btrfs_fs_info *fs_info = root->fs_info; 4799 struct btrfs_tree_parent_check check = { 0 }; 4800 struct btrfs_qgroup_swapped_blocks *blocks = &root->swapped_blocks; 4801 struct btrfs_qgroup_swapped_block *block; 4802 struct extent_buffer *reloc_eb = NULL; 4803 struct rb_node *node; 4804 bool found = false; 4805 bool swapped = false; 4806 int level = btrfs_header_level(subvol_eb); 4807 int ret = 0; 4808 int i; 4809 4810 if (!btrfs_qgroup_full_accounting(fs_info)) 4811 return 0; 4812 if (!is_fstree(btrfs_root_id(root)) || !root->reloc_root) 4813 return 0; 4814 4815 spin_lock(&blocks->lock); 4816 if (!blocks->swapped) { 4817 spin_unlock(&blocks->lock); 4818 return 0; 4819 } 4820 node = blocks->blocks[level].rb_node; 4821 4822 while (node) { 4823 block = rb_entry(node, struct btrfs_qgroup_swapped_block, node); 4824 if (block->subvol_bytenr < subvol_eb->start) { 4825 node = node->rb_left; 4826 } else if (block->subvol_bytenr > subvol_eb->start) { 4827 node = node->rb_right; 4828 } else { 4829 found = true; 4830 break; 4831 } 4832 } 4833 if (!found) { 4834 spin_unlock(&blocks->lock); 4835 goto out; 4836 } 4837 /* Found one, remove it from @blocks first and update blocks->swapped */ 4838 rb_erase(&block->node, &blocks->blocks[level]); 4839 for (i = 0; i < BTRFS_MAX_LEVEL; i++) { 4840 if (RB_EMPTY_ROOT(&blocks->blocks[i])) { 4841 swapped = true; 4842 break; 4843 } 4844 } 4845 blocks->swapped = swapped; 4846 spin_unlock(&blocks->lock); 4847 4848 check.level = block->level; 4849 check.transid = block->reloc_generation; 4850 check.has_first_key = true; 4851 memcpy(&check.first_key, &block->first_key, sizeof(check.first_key)); 4852 4853 /* Read out reloc subtree root */ 4854 reloc_eb = read_tree_block(fs_info, block->reloc_bytenr, &check); 4855 if (IS_ERR(reloc_eb)) { 4856 ret = PTR_ERR(reloc_eb); 4857 reloc_eb = NULL; 4858 goto free_out; 4859 } 4860 if (!extent_buffer_uptodate(reloc_eb)) { 4861 ret = -EIO; 4862 goto free_out; 4863 } 4864 4865 ret = qgroup_trace_subtree_swap(trans, reloc_eb, subvol_eb, 4866 block->last_snapshot, block->trace_leaf); 4867 free_out: 4868 kfree(block); 4869 free_extent_buffer(reloc_eb); 4870 out: 4871 if (ret < 0) { 4872 btrfs_err_rl(fs_info, 4873 "failed to account subtree at bytenr %llu: %d", 4874 subvol_eb->start, ret); 4875 qgroup_mark_inconsistent(fs_info); 4876 } 4877 return ret; 4878 } 4879 4880 void btrfs_qgroup_destroy_extent_records(struct btrfs_transaction *trans) 4881 { 4882 struct btrfs_qgroup_extent_record *entry; 4883 unsigned long index; 4884 4885 xa_for_each(&trans->delayed_refs.dirty_extents, index, entry) { 4886 ulist_free(entry->old_roots); 4887 kfree(entry); 4888 } 4889 xa_destroy(&trans->delayed_refs.dirty_extents); 4890 } 4891 4892 int btrfs_record_squota_delta(struct btrfs_fs_info *fs_info, 4893 const struct btrfs_squota_delta *delta) 4894 { 4895 int ret; 4896 struct btrfs_qgroup *qgroup; 4897 struct btrfs_qgroup *qg; 4898 LIST_HEAD(qgroup_list); 4899 u64 root = delta->root; 4900 u64 num_bytes = delta->num_bytes; 4901 const int sign = (delta->is_inc ? 1 : -1); 4902 4903 if (btrfs_qgroup_mode(fs_info) != BTRFS_QGROUP_MODE_SIMPLE) 4904 return 0; 4905 4906 if (!is_fstree(root)) 4907 return 0; 4908 4909 /* If the extent predates enabling quotas, don't count it. */ 4910 if (delta->generation < fs_info->qgroup_enable_gen) 4911 return 0; 4912 4913 spin_lock(&fs_info->qgroup_lock); 4914 qgroup = find_qgroup_rb(fs_info, root); 4915 if (!qgroup) { 4916 ret = -ENOENT; 4917 goto out; 4918 } 4919 4920 ret = 0; 4921 qgroup_iterator_add(&qgroup_list, qgroup); 4922 list_for_each_entry(qg, &qgroup_list, iterator) { 4923 struct btrfs_qgroup_list *glist; 4924 4925 qg->excl += num_bytes * sign; 4926 qg->rfer += num_bytes * sign; 4927 qgroup_dirty(fs_info, qg); 4928 4929 list_for_each_entry(glist, &qg->groups, next_group) 4930 qgroup_iterator_add(&qgroup_list, glist->group); 4931 } 4932 qgroup_iterator_clean(&qgroup_list); 4933 4934 out: 4935 spin_unlock(&fs_info->qgroup_lock); 4936 return ret; 4937 } 4938