tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (C) 2011 STRATO. All rights reserved.
4 */
5
6#include <linux/sched.h>
7#include <linux/pagemap.h>
8#include <linux/writeback.h>
9#include <linux/blkdev.h>
10#include <linux/rbtree.h>
11#include <linux/slab.h>
12#include <linux/workqueue.h>
13#include <linux/btrfs.h>
14#include <linux/sched/mm.h>
15
16#include "ctree.h"
17#include "transaction.h"
18#include "disk-io.h"
19#include "locking.h"
20#include "ulist.h"
21#include "backref.h"
22#include "extent_io.h"
23#include "qgroup.h"
24#include "block-group.h"
25#include "sysfs.h"
26#include "tree-mod-log.h"
27#include "fs.h"
28#include "accessors.h"
29#include "extent-tree.h"
30#include "root-tree.h"
31#include "tree-checker.h"
32
33enum btrfs_qgroup_mode btrfs_qgroup_mode(const struct btrfs_fs_info *fs_info)
34{
35 if (!test_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags))
36 return BTRFS_QGROUP_MODE_DISABLED;
37 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE)
38 return BTRFS_QGROUP_MODE_SIMPLE;
39 return BTRFS_QGROUP_MODE_FULL;
40}
41
42bool btrfs_qgroup_enabled(const struct btrfs_fs_info *fs_info)
43{
44 return btrfs_qgroup_mode(fs_info) != BTRFS_QGROUP_MODE_DISABLED;
45}
46
47bool btrfs_qgroup_full_accounting(const struct btrfs_fs_info *fs_info)
48{
49 return btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_FULL;
50}
51
52/*
53 * Helpers to access qgroup reservation
54 *
55 * Callers should ensure the lock context and type are valid
56 */
57
58static u64 qgroup_rsv_total(const struct btrfs_qgroup *qgroup)
59{
60 u64 ret = 0;
61 int i;
62
63 for (i = 0; i < BTRFS_QGROUP_RSV_LAST; i++)
64 ret += qgroup->rsv.values[i];
65
66 return ret;
67}
68
69#ifdef CONFIG_BTRFS_DEBUG
70static const char *qgroup_rsv_type_str(enum btrfs_qgroup_rsv_type type)
71{
72 if (type == BTRFS_QGROUP_RSV_DATA)
73 return "data";
74 if (type == BTRFS_QGROUP_RSV_META_PERTRANS)
75 return "meta_pertrans";
76 if (type == BTRFS_QGROUP_RSV_META_PREALLOC)
77 return "meta_prealloc";
78 return NULL;
79}
80#endif
81
82static void qgroup_rsv_add(struct btrfs_fs_info *fs_info,
83 struct btrfs_qgroup *qgroup, u64 num_bytes,
84 enum btrfs_qgroup_rsv_type type)
85{
86 trace_qgroup_update_reserve(fs_info, qgroup, num_bytes, type);
87 qgroup->rsv.values[type] += num_bytes;
88}
89
90static void qgroup_rsv_release(struct btrfs_fs_info *fs_info,
91 struct btrfs_qgroup *qgroup, u64 num_bytes,
92 enum btrfs_qgroup_rsv_type type)
93{
94 trace_qgroup_update_reserve(fs_info, qgroup, -(s64)num_bytes, type);
95 if (qgroup->rsv.values[type] >= num_bytes) {
96 qgroup->rsv.values[type] -= num_bytes;
97 return;
98 }
99#ifdef CONFIG_BTRFS_DEBUG
100 WARN_RATELIMIT(1,
101 "qgroup %llu %s reserved space underflow, have %llu to free %llu",
102 qgroup->qgroupid, qgroup_rsv_type_str(type),
103 qgroup->rsv.values[type], num_bytes);
104#endif
105 qgroup->rsv.values[type] = 0;
106}
107
108static void qgroup_rsv_add_by_qgroup(struct btrfs_fs_info *fs_info,
109 struct btrfs_qgroup *dest,
110 const struct btrfs_qgroup *src)
111{
112 int i;
113
114 for (i = 0; i < BTRFS_QGROUP_RSV_LAST; i++)
115 qgroup_rsv_add(fs_info, dest, src->rsv.values[i], i);
116}
117
118static void qgroup_rsv_release_by_qgroup(struct btrfs_fs_info *fs_info,
119 struct btrfs_qgroup *dest,
120 const struct btrfs_qgroup *src)
121{
122 int i;
123
124 for (i = 0; i < BTRFS_QGROUP_RSV_LAST; i++)
125 qgroup_rsv_release(fs_info, dest, src->rsv.values[i], i);
126}
127
128static void btrfs_qgroup_update_old_refcnt(struct btrfs_qgroup *qg, u64 seq,
129 int mod)
130{
131 if (qg->old_refcnt < seq)
132 qg->old_refcnt = seq;
133 qg->old_refcnt += mod;
134}
135
136static void btrfs_qgroup_update_new_refcnt(struct btrfs_qgroup *qg, u64 seq,
137 int mod)
138{
139 if (qg->new_refcnt < seq)
140 qg->new_refcnt = seq;
141 qg->new_refcnt += mod;
142}
143
144static inline u64 btrfs_qgroup_get_old_refcnt(const struct btrfs_qgroup *qg, u64 seq)
145{
146 if (qg->old_refcnt < seq)
147 return 0;
148 return qg->old_refcnt - seq;
149}
150
151static inline u64 btrfs_qgroup_get_new_refcnt(const struct btrfs_qgroup *qg, u64 seq)
152{
153 if (qg->new_refcnt < seq)
154 return 0;
155 return qg->new_refcnt - seq;
156}
157
158static int
159qgroup_rescan_init(struct btrfs_fs_info *fs_info, u64 progress_objectid,
160 int init_flags);
161static void qgroup_rescan_zero_tracking(struct btrfs_fs_info *fs_info);
162
163/* must be called with qgroup_ioctl_lock held */
164static struct btrfs_qgroup *find_qgroup_rb(const struct btrfs_fs_info *fs_info,
165 u64 qgroupid)
166{
167 struct rb_node *n = fs_info->qgroup_tree.rb_node;
168 struct btrfs_qgroup *qgroup;
169
170 while (n) {
171 qgroup = rb_entry(n, struct btrfs_qgroup, node);
172 if (qgroup->qgroupid < qgroupid)
173 n = n->rb_left;
174 else if (qgroup->qgroupid > qgroupid)
175 n = n->rb_right;
176 else
177 return qgroup;
178 }
179 return NULL;
180}
181
182/*
183 * Add qgroup to the filesystem's qgroup tree.
184 *
185 * Must be called with qgroup_lock held and @prealloc preallocated.
186 *
187 * The control on the lifespan of @prealloc would be transferred to this
188 * function, thus caller should no longer touch @prealloc.
189 */
190static struct btrfs_qgroup *add_qgroup_rb(struct btrfs_fs_info *fs_info,
191 struct btrfs_qgroup *prealloc,
192 u64 qgroupid)
193{
194 struct rb_node **p = &fs_info->qgroup_tree.rb_node;
195 struct rb_node *parent = NULL;
196 struct btrfs_qgroup *qgroup;
197
198 /* Caller must have pre-allocated @prealloc. */
199 ASSERT(prealloc);
200
201 while (*p) {
202 parent = *p;
203 qgroup = rb_entry(parent, struct btrfs_qgroup, node);
204
205 if (qgroup->qgroupid < qgroupid) {
206 p = &(*p)->rb_left;
207 } else if (qgroup->qgroupid > qgroupid) {
208 p = &(*p)->rb_right;
209 } else {
210 kfree(prealloc);
211 return qgroup;
212 }
213 }
214
215 qgroup = prealloc;
216 qgroup->qgroupid = qgroupid;
217 INIT_LIST_HEAD(&qgroup->groups);
218 INIT_LIST_HEAD(&qgroup->members);
219 INIT_LIST_HEAD(&qgroup->dirty);
220 INIT_LIST_HEAD(&qgroup->iterator);
221 INIT_LIST_HEAD(&qgroup->nested_iterator);
222
223 rb_link_node(&qgroup->node, parent, p);
224 rb_insert_color(&qgroup->node, &fs_info->qgroup_tree);
225
226 return qgroup;
227}
228
229static void __del_qgroup_rb(struct btrfs_qgroup *qgroup)
230{
231 struct btrfs_qgroup_list *list;
232
233 list_del(&qgroup->dirty);
234 while (!list_empty(&qgroup->groups)) {
235 list = list_first_entry(&qgroup->groups,
236 struct btrfs_qgroup_list, next_group);
237 list_del(&list->next_group);
238 list_del(&list->next_member);
239 kfree(list);
240 }
241
242 while (!list_empty(&qgroup->members)) {
243 list = list_first_entry(&qgroup->members,
244 struct btrfs_qgroup_list, next_member);
245 list_del(&list->next_group);
246 list_del(&list->next_member);
247 kfree(list);
248 }
249}
250
251/* must be called with qgroup_lock held */
252static int del_qgroup_rb(struct btrfs_fs_info *fs_info, u64 qgroupid)
253{
254 struct btrfs_qgroup *qgroup = find_qgroup_rb(fs_info, qgroupid);
255
256 if (!qgroup)
257 return -ENOENT;
258
259 rb_erase(&qgroup->node, &fs_info->qgroup_tree);
260 __del_qgroup_rb(qgroup);
261 return 0;
262}
263
264/*
265 * Add relation specified by two qgroups.
266 *
267 * Must be called with qgroup_lock held, the ownership of @prealloc is
268 * transferred to this function and caller should not touch it anymore.
269 *
270 * Return: 0 on success
271 * -ENOENT if one of the qgroups is NULL
272 * <0 other errors
273 */
274static int __add_relation_rb(struct btrfs_qgroup_list *prealloc,
275 struct btrfs_qgroup *member,
276 struct btrfs_qgroup *parent)
277{
278 if (!member || !parent) {
279 kfree(prealloc);
280 return -ENOENT;
281 }
282
283 prealloc->group = parent;
284 prealloc->member = member;
285 list_add_tail(&prealloc->next_group, &member->groups);
286 list_add_tail(&prealloc->next_member, &parent->members);
287
288 return 0;
289}
290
291/*
292 * Add relation specified by two qgroup ids.
293 *
294 * Must be called with qgroup_lock held.
295 *
296 * Return: 0 on success
297 * -ENOENT if one of the ids does not exist
298 * <0 other errors
299 */
300static int add_relation_rb(struct btrfs_fs_info *fs_info,
301 struct btrfs_qgroup_list *prealloc,
302 u64 memberid, u64 parentid)
303{
304 struct btrfs_qgroup *member;
305 struct btrfs_qgroup *parent;
306
307 member = find_qgroup_rb(fs_info, memberid);
308 parent = find_qgroup_rb(fs_info, parentid);
309
310 return __add_relation_rb(prealloc, member, parent);
311}
312
313/* Must be called with qgroup_lock held */
314static int del_relation_rb(struct btrfs_fs_info *fs_info,
315 u64 memberid, u64 parentid)
316{
317 struct btrfs_qgroup *member;
318 struct btrfs_qgroup *parent;
319 struct btrfs_qgroup_list *list;
320
321 member = find_qgroup_rb(fs_info, memberid);
322 parent = find_qgroup_rb(fs_info, parentid);
323 if (!member || !parent)
324 return -ENOENT;
325
326 list_for_each_entry(list, &member->groups, next_group) {
327 if (list->group == parent) {
328 list_del(&list->next_group);
329 list_del(&list->next_member);
330 kfree(list);
331 return 0;
332 }
333 }
334 return -ENOENT;
335}
336
337#ifdef CONFIG_BTRFS_FS_RUN_SANITY_TESTS
338int btrfs_verify_qgroup_counts(const struct btrfs_fs_info *fs_info, u64 qgroupid,
339 u64 rfer, u64 excl)
340{
341 struct btrfs_qgroup *qgroup;
342
343 qgroup = find_qgroup_rb(fs_info, qgroupid);
344 if (!qgroup)
345 return -EINVAL;
346 if (qgroup->rfer != rfer || qgroup->excl != excl)
347 return -EINVAL;
348 return 0;
349}
350#endif
351
352static void qgroup_mark_inconsistent(struct btrfs_fs_info *fs_info)
353{
354 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE)
355 return;
356 fs_info->qgroup_flags |= (BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT |
357 BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN |
358 BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING);
359}
360
361static void qgroup_read_enable_gen(struct btrfs_fs_info *fs_info,
362 struct extent_buffer *leaf, int slot,
363 struct btrfs_qgroup_status_item *ptr)
364{
365 ASSERT(btrfs_fs_incompat(fs_info, SIMPLE_QUOTA));
366 ASSERT(btrfs_item_size(leaf, slot) >= sizeof(*ptr));
367 fs_info->qgroup_enable_gen = btrfs_qgroup_status_enable_gen(leaf, ptr);
368}
369
370/*
371 * The full config is read in one go, only called from open_ctree()
372 * It doesn't use any locking, as at this point we're still single-threaded
373 */
374int btrfs_read_qgroup_config(struct btrfs_fs_info *fs_info)
375{
376 struct btrfs_key key;
377 struct btrfs_key found_key;
378 struct btrfs_root *quota_root = fs_info->quota_root;
379 struct btrfs_path *path = NULL;
380 struct extent_buffer *l;
381 int slot;
382 int ret = 0;
383 u64 flags = 0;
384 u64 rescan_progress = 0;
385
386 if (!fs_info->quota_root)
387 return 0;
388
389 fs_info->qgroup_ulist = ulist_alloc(GFP_KERNEL);
390 if (!fs_info->qgroup_ulist) {
391 ret = -ENOMEM;
392 goto out;
393 }
394
395 path = btrfs_alloc_path();
396 if (!path) {
397 ret = -ENOMEM;
398 goto out;
399 }
400
401 ret = btrfs_sysfs_add_qgroups(fs_info);
402 if (ret < 0)
403 goto out;
404 /* default this to quota off, in case no status key is found */
405 fs_info->qgroup_flags = 0;
406
407 /*
408 * pass 1: read status, all qgroup infos and limits
409 */
410 key.objectid = 0;
411 key.type = 0;
412 key.offset = 0;
413 ret = btrfs_search_slot_for_read(quota_root, &key, path, 1, 1);
414 if (ret)
415 goto out;
416
417 while (1) {
418 struct btrfs_qgroup *qgroup;
419
420 slot = path->slots[0];
421 l = path->nodes[0];
422 btrfs_item_key_to_cpu(l, &found_key, slot);
423
424 if (found_key.type == BTRFS_QGROUP_STATUS_KEY) {
425 struct btrfs_qgroup_status_item *ptr;
426
427 ptr = btrfs_item_ptr(l, slot,
428 struct btrfs_qgroup_status_item);
429
430 if (btrfs_qgroup_status_version(l, ptr) !=
431 BTRFS_QGROUP_STATUS_VERSION) {
432 btrfs_err(fs_info,
433 "old qgroup version, quota disabled");
434 goto out;
435 }
436 fs_info->qgroup_flags = btrfs_qgroup_status_flags(l, ptr);
437 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE) {
438 qgroup_read_enable_gen(fs_info, l, slot, ptr);
439 } else if (btrfs_qgroup_status_generation(l, ptr) != fs_info->generation) {
440 qgroup_mark_inconsistent(fs_info);
441 btrfs_err(fs_info,
442 "qgroup generation mismatch, marked as inconsistent");
443 }
444 rescan_progress = btrfs_qgroup_status_rescan(l, ptr);
445 goto next1;
446 }
447
448 if (found_key.type != BTRFS_QGROUP_INFO_KEY &&
449 found_key.type != BTRFS_QGROUP_LIMIT_KEY)
450 goto next1;
451
452 qgroup = find_qgroup_rb(fs_info, found_key.offset);
453 if ((qgroup && found_key.type == BTRFS_QGROUP_INFO_KEY) ||
454 (!qgroup && found_key.type == BTRFS_QGROUP_LIMIT_KEY)) {
455 btrfs_err(fs_info, "inconsistent qgroup config");
456 qgroup_mark_inconsistent(fs_info);
457 }
458 if (!qgroup) {
459 struct btrfs_qgroup *prealloc;
460 struct btrfs_root *tree_root = fs_info->tree_root;
461
462 prealloc = kzalloc(sizeof(*prealloc), GFP_KERNEL);
463 if (!prealloc) {
464 ret = -ENOMEM;
465 goto out;
466 }
467 qgroup = add_qgroup_rb(fs_info, prealloc, found_key.offset);
468 /*
469 * If a qgroup exists for a subvolume ID, it is possible
470 * that subvolume has been deleted, in which case
471 * reusing that ID would lead to incorrect accounting.
472 *
473 * Ensure that we skip any such subvol ids.
474 *
475 * We don't need to lock because this is only called
476 * during mount before we start doing things like creating
477 * subvolumes.
478 */
479 if (is_fstree(qgroup->qgroupid) &&
480 qgroup->qgroupid > tree_root->free_objectid)
481 /*
482 * Don't need to check against BTRFS_LAST_FREE_OBJECTID,
483 * as it will get checked on the next call to
484 * btrfs_get_free_objectid.
485 */
486 tree_root->free_objectid = qgroup->qgroupid + 1;
487 }
488 ret = btrfs_sysfs_add_one_qgroup(fs_info, qgroup);
489 if (ret < 0)
490 goto out;
491
492 switch (found_key.type) {
493 case BTRFS_QGROUP_INFO_KEY: {
494 struct btrfs_qgroup_info_item *ptr;
495
496 ptr = btrfs_item_ptr(l, slot,
497 struct btrfs_qgroup_info_item);
498 qgroup->rfer = btrfs_qgroup_info_rfer(l, ptr);
499 qgroup->rfer_cmpr = btrfs_qgroup_info_rfer_cmpr(l, ptr);
500 qgroup->excl = btrfs_qgroup_info_excl(l, ptr);
501 qgroup->excl_cmpr = btrfs_qgroup_info_excl_cmpr(l, ptr);
502 /* generation currently unused */
503 break;
504 }
505 case BTRFS_QGROUP_LIMIT_KEY: {
506 struct btrfs_qgroup_limit_item *ptr;
507
508 ptr = btrfs_item_ptr(l, slot,
509 struct btrfs_qgroup_limit_item);
510 qgroup->lim_flags = btrfs_qgroup_limit_flags(l, ptr);
511 qgroup->max_rfer = btrfs_qgroup_limit_max_rfer(l, ptr);
512 qgroup->max_excl = btrfs_qgroup_limit_max_excl(l, ptr);
513 qgroup->rsv_rfer = btrfs_qgroup_limit_rsv_rfer(l, ptr);
514 qgroup->rsv_excl = btrfs_qgroup_limit_rsv_excl(l, ptr);
515 break;
516 }
517 }
518next1:
519 ret = btrfs_next_item(quota_root, path);
520 if (ret < 0)
521 goto out;
522 if (ret)
523 break;
524 }
525 btrfs_release_path(path);
526
527 /*
528 * pass 2: read all qgroup relations
529 */
530 key.objectid = 0;
531 key.type = BTRFS_QGROUP_RELATION_KEY;
532 key.offset = 0;
533 ret = btrfs_search_slot_for_read(quota_root, &key, path, 1, 0);
534 if (ret)
535 goto out;
536 while (1) {
537 struct btrfs_qgroup_list *list = NULL;
538
539 slot = path->slots[0];
540 l = path->nodes[0];
541 btrfs_item_key_to_cpu(l, &found_key, slot);
542
543 if (found_key.type != BTRFS_QGROUP_RELATION_KEY)
544 goto next2;
545
546 if (found_key.objectid > found_key.offset) {
547 /* parent <- member, not needed to build config */
548 /* FIXME should we omit the key completely? */
549 goto next2;
550 }
551
552 list = kzalloc(sizeof(*list), GFP_KERNEL);
553 if (!list) {
554 ret = -ENOMEM;
555 goto out;
556 }
557 ret = add_relation_rb(fs_info, list, found_key.objectid,
558 found_key.offset);
559 list = NULL;
560 if (ret == -ENOENT) {
561 btrfs_warn(fs_info,
562 "orphan qgroup relation 0x%llx->0x%llx",
563 found_key.objectid, found_key.offset);
564 ret = 0; /* ignore the error */
565 }
566 if (ret)
567 goto out;
568next2:
569 ret = btrfs_next_item(quota_root, path);
570 if (ret < 0)
571 goto out;
572 if (ret)
573 break;
574 }
575out:
576 btrfs_free_path(path);
577 fs_info->qgroup_flags |= flags;
578 if (ret >= 0) {
579 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_ON)
580 set_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags);
581 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN)
582 ret = qgroup_rescan_init(fs_info, rescan_progress, 0);
583 } else {
584 ulist_free(fs_info->qgroup_ulist);
585 fs_info->qgroup_ulist = NULL;
586 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_RESCAN;
587 btrfs_sysfs_del_qgroups(fs_info);
588 }
589
590 return ret < 0 ? ret : 0;
591}
592
593/*
594 * Called in close_ctree() when quota is still enabled. This verifies we don't
595 * leak some reserved space.
596 *
597 * Return false if no reserved space is left.
598 * Return true if some reserved space is leaked.
599 */
600bool btrfs_check_quota_leak(const struct btrfs_fs_info *fs_info)
601{
602 struct rb_node *node;
603 bool ret = false;
604
605 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED)
606 return ret;
607 /*
608 * Since we're unmounting, there is no race and no need to grab qgroup
609 * lock. And here we don't go post-order to provide a more user
610 * friendly sorted result.
611 */
612 for (node = rb_first(&fs_info->qgroup_tree); node; node = rb_next(node)) {
613 struct btrfs_qgroup *qgroup;
614 int i;
615
616 qgroup = rb_entry(node, struct btrfs_qgroup, node);
617 for (i = 0; i < BTRFS_QGROUP_RSV_LAST; i++) {
618 if (qgroup->rsv.values[i]) {
619 ret = true;
620 btrfs_warn(fs_info,
621 "qgroup %hu/%llu has unreleased space, type %d rsv %llu",
622 btrfs_qgroup_level(qgroup->qgroupid),
623 btrfs_qgroup_subvolid(qgroup->qgroupid),
624 i, qgroup->rsv.values[i]);
625 }
626 }
627 }
628 return ret;
629}
630
631/*
632 * This is called from close_ctree() or open_ctree() or btrfs_quota_disable(),
633 * first two are in single-threaded paths.And for the third one, we have set
634 * quota_root to be null with qgroup_lock held before, so it is safe to clean
635 * up the in-memory structures without qgroup_lock held.
636 */
637void btrfs_free_qgroup_config(struct btrfs_fs_info *fs_info)
638{
639 struct rb_node *n;
640 struct btrfs_qgroup *qgroup;
641
642 while ((n = rb_first(&fs_info->qgroup_tree))) {
643 qgroup = rb_entry(n, struct btrfs_qgroup, node);
644 rb_erase(n, &fs_info->qgroup_tree);
645 __del_qgroup_rb(qgroup);
646 btrfs_sysfs_del_one_qgroup(fs_info, qgroup);
647 kfree(qgroup);
648 }
649 /*
650 * We call btrfs_free_qgroup_config() when unmounting
651 * filesystem and disabling quota, so we set qgroup_ulist
652 * to be null here to avoid double free.
653 */
654 ulist_free(fs_info->qgroup_ulist);
655 fs_info->qgroup_ulist = NULL;
656 btrfs_sysfs_del_qgroups(fs_info);
657}
658
659static int add_qgroup_relation_item(struct btrfs_trans_handle *trans, u64 src,
660 u64 dst)
661{
662 int ret;
663 struct btrfs_root *quota_root = trans->fs_info->quota_root;
664 struct btrfs_path *path;
665 struct btrfs_key key;
666
667 path = btrfs_alloc_path();
668 if (!path)
669 return -ENOMEM;
670
671 key.objectid = src;
672 key.type = BTRFS_QGROUP_RELATION_KEY;
673 key.offset = dst;
674
675 ret = btrfs_insert_empty_item(trans, quota_root, path, &key, 0);
676 btrfs_free_path(path);
677 return ret;
678}
679
680static int del_qgroup_relation_item(struct btrfs_trans_handle *trans, u64 src,
681 u64 dst)
682{
683 int ret;
684 struct btrfs_root *quota_root = trans->fs_info->quota_root;
685 struct btrfs_path *path;
686 struct btrfs_key key;
687
688 path = btrfs_alloc_path();
689 if (!path)
690 return -ENOMEM;
691
692 key.objectid = src;
693 key.type = BTRFS_QGROUP_RELATION_KEY;
694 key.offset = dst;
695
696 ret = btrfs_search_slot(trans, quota_root, &key, path, -1, 1);
697 if (ret < 0)
698 goto out;
699
700 if (ret > 0) {
701 ret = -ENOENT;
702 goto out;
703 }
704
705 ret = btrfs_del_item(trans, quota_root, path);
706out:
707 btrfs_free_path(path);
708 return ret;
709}
710
711static int add_qgroup_item(struct btrfs_trans_handle *trans,
712 struct btrfs_root *quota_root, u64 qgroupid)
713{
714 int ret;
715 struct btrfs_path *path;
716 struct btrfs_qgroup_info_item *qgroup_info;
717 struct btrfs_qgroup_limit_item *qgroup_limit;
718 struct extent_buffer *leaf;
719 struct btrfs_key key;
720
721 if (btrfs_is_testing(quota_root->fs_info))
722 return 0;
723
724 path = btrfs_alloc_path();
725 if (!path)
726 return -ENOMEM;
727
728 key.objectid = 0;
729 key.type = BTRFS_QGROUP_INFO_KEY;
730 key.offset = qgroupid;
731
732 /*
733 * Avoid a transaction abort by catching -EEXIST here. In that
734 * case, we proceed by re-initializing the existing structure
735 * on disk.
736 */
737
738 ret = btrfs_insert_empty_item(trans, quota_root, path, &key,
739 sizeof(*qgroup_info));
740 if (ret && ret != -EEXIST)
741 goto out;
742
743 leaf = path->nodes[0];
744 qgroup_info = btrfs_item_ptr(leaf, path->slots[0],
745 struct btrfs_qgroup_info_item);
746 btrfs_set_qgroup_info_generation(leaf, qgroup_info, trans->transid);
747 btrfs_set_qgroup_info_rfer(leaf, qgroup_info, 0);
748 btrfs_set_qgroup_info_rfer_cmpr(leaf, qgroup_info, 0);
749 btrfs_set_qgroup_info_excl(leaf, qgroup_info, 0);
750 btrfs_set_qgroup_info_excl_cmpr(leaf, qgroup_info, 0);
751
752 btrfs_release_path(path);
753
754 key.type = BTRFS_QGROUP_LIMIT_KEY;
755 ret = btrfs_insert_empty_item(trans, quota_root, path, &key,
756 sizeof(*qgroup_limit));
757 if (ret && ret != -EEXIST)
758 goto out;
759
760 leaf = path->nodes[0];
761 qgroup_limit = btrfs_item_ptr(leaf, path->slots[0],
762 struct btrfs_qgroup_limit_item);
763 btrfs_set_qgroup_limit_flags(leaf, qgroup_limit, 0);
764 btrfs_set_qgroup_limit_max_rfer(leaf, qgroup_limit, 0);
765 btrfs_set_qgroup_limit_max_excl(leaf, qgroup_limit, 0);
766 btrfs_set_qgroup_limit_rsv_rfer(leaf, qgroup_limit, 0);
767 btrfs_set_qgroup_limit_rsv_excl(leaf, qgroup_limit, 0);
768
769 ret = 0;
770out:
771 btrfs_free_path(path);
772 return ret;
773}
774
775static int del_qgroup_item(struct btrfs_trans_handle *trans, u64 qgroupid)
776{
777 int ret;
778 struct btrfs_root *quota_root = trans->fs_info->quota_root;
779 struct btrfs_path *path;
780 struct btrfs_key key;
781
782 path = btrfs_alloc_path();
783 if (!path)
784 return -ENOMEM;
785
786 key.objectid = 0;
787 key.type = BTRFS_QGROUP_INFO_KEY;
788 key.offset = qgroupid;
789 ret = btrfs_search_slot(trans, quota_root, &key, path, -1, 1);
790 if (ret < 0)
791 goto out;
792
793 if (ret > 0) {
794 ret = -ENOENT;
795 goto out;
796 }
797
798 ret = btrfs_del_item(trans, quota_root, path);
799 if (ret)
800 goto out;
801
802 btrfs_release_path(path);
803
804 key.type = BTRFS_QGROUP_LIMIT_KEY;
805 ret = btrfs_search_slot(trans, quota_root, &key, path, -1, 1);
806 if (ret < 0)
807 goto out;
808
809 if (ret > 0) {
810 ret = -ENOENT;
811 goto out;
812 }
813
814 ret = btrfs_del_item(trans, quota_root, path);
815
816out:
817 btrfs_free_path(path);
818 return ret;
819}
820
821static int update_qgroup_limit_item(struct btrfs_trans_handle *trans,
822 struct btrfs_qgroup *qgroup)
823{
824 struct btrfs_root *quota_root = trans->fs_info->quota_root;
825 struct btrfs_path *path;
826 struct btrfs_key key;
827 struct extent_buffer *l;
828 struct btrfs_qgroup_limit_item *qgroup_limit;
829 int ret;
830 int slot;
831
832 key.objectid = 0;
833 key.type = BTRFS_QGROUP_LIMIT_KEY;
834 key.offset = qgroup->qgroupid;
835
836 path = btrfs_alloc_path();
837 if (!path)
838 return -ENOMEM;
839
840 ret = btrfs_search_slot(trans, quota_root, &key, path, 0, 1);
841 if (ret > 0)
842 ret = -ENOENT;
843
844 if (ret)
845 goto out;
846
847 l = path->nodes[0];
848 slot = path->slots[0];
849 qgroup_limit = btrfs_item_ptr(l, slot, struct btrfs_qgroup_limit_item);
850 btrfs_set_qgroup_limit_flags(l, qgroup_limit, qgroup->lim_flags);
851 btrfs_set_qgroup_limit_max_rfer(l, qgroup_limit, qgroup->max_rfer);
852 btrfs_set_qgroup_limit_max_excl(l, qgroup_limit, qgroup->max_excl);
853 btrfs_set_qgroup_limit_rsv_rfer(l, qgroup_limit, qgroup->rsv_rfer);
854 btrfs_set_qgroup_limit_rsv_excl(l, qgroup_limit, qgroup->rsv_excl);
855out:
856 btrfs_free_path(path);
857 return ret;
858}
859
860static int update_qgroup_info_item(struct btrfs_trans_handle *trans,
861 struct btrfs_qgroup *qgroup)
862{
863 struct btrfs_fs_info *fs_info = trans->fs_info;
864 struct btrfs_root *quota_root = fs_info->quota_root;
865 struct btrfs_path *path;
866 struct btrfs_key key;
867 struct extent_buffer *l;
868 struct btrfs_qgroup_info_item *qgroup_info;
869 int ret;
870 int slot;
871
872 if (btrfs_is_testing(fs_info))
873 return 0;
874
875 key.objectid = 0;
876 key.type = BTRFS_QGROUP_INFO_KEY;
877 key.offset = qgroup->qgroupid;
878
879 path = btrfs_alloc_path();
880 if (!path)
881 return -ENOMEM;
882
883 ret = btrfs_search_slot(trans, quota_root, &key, path, 0, 1);
884 if (ret > 0)
885 ret = -ENOENT;
886
887 if (ret)
888 goto out;
889
890 l = path->nodes[0];
891 slot = path->slots[0];
892 qgroup_info = btrfs_item_ptr(l, slot, struct btrfs_qgroup_info_item);
893 btrfs_set_qgroup_info_generation(l, qgroup_info, trans->transid);
894 btrfs_set_qgroup_info_rfer(l, qgroup_info, qgroup->rfer);
895 btrfs_set_qgroup_info_rfer_cmpr(l, qgroup_info, qgroup->rfer_cmpr);
896 btrfs_set_qgroup_info_excl(l, qgroup_info, qgroup->excl);
897 btrfs_set_qgroup_info_excl_cmpr(l, qgroup_info, qgroup->excl_cmpr);
898out:
899 btrfs_free_path(path);
900 return ret;
901}
902
903static int update_qgroup_status_item(struct btrfs_trans_handle *trans)
904{
905 struct btrfs_fs_info *fs_info = trans->fs_info;
906 struct btrfs_root *quota_root = fs_info->quota_root;
907 struct btrfs_path *path;
908 struct btrfs_key key;
909 struct extent_buffer *l;
910 struct btrfs_qgroup_status_item *ptr;
911 int ret;
912 int slot;
913
914 key.objectid = 0;
915 key.type = BTRFS_QGROUP_STATUS_KEY;
916 key.offset = 0;
917
918 path = btrfs_alloc_path();
919 if (!path)
920 return -ENOMEM;
921
922 ret = btrfs_search_slot(trans, quota_root, &key, path, 0, 1);
923 if (ret > 0)
924 ret = -ENOENT;
925
926 if (ret)
927 goto out;
928
929 l = path->nodes[0];
930 slot = path->slots[0];
931 ptr = btrfs_item_ptr(l, slot, struct btrfs_qgroup_status_item);
932 btrfs_set_qgroup_status_flags(l, ptr, fs_info->qgroup_flags &
933 BTRFS_QGROUP_STATUS_FLAGS_MASK);
934 btrfs_set_qgroup_status_generation(l, ptr, trans->transid);
935 btrfs_set_qgroup_status_rescan(l, ptr,
936 fs_info->qgroup_rescan_progress.objectid);
937out:
938 btrfs_free_path(path);
939 return ret;
940}
941
942/*
943 * called with qgroup_lock held
944 */
945static int btrfs_clean_quota_tree(struct btrfs_trans_handle *trans,
946 struct btrfs_root *root)
947{
948 struct btrfs_path *path;
949 struct btrfs_key key;
950 struct extent_buffer *leaf = NULL;
951 int ret;
952 int nr = 0;
953
954 path = btrfs_alloc_path();
955 if (!path)
956 return -ENOMEM;
957
958 key.objectid = 0;
959 key.offset = 0;
960 key.type = 0;
961
962 while (1) {
963 ret = btrfs_search_slot(trans, root, &key, path, -1, 1);
964 if (ret < 0)
965 goto out;
966 leaf = path->nodes[0];
967 nr = btrfs_header_nritems(leaf);
968 if (!nr)
969 break;
970 /*
971 * delete the leaf one by one
972 * since the whole tree is going
973 * to be deleted.
974 */
975 path->slots[0] = 0;
976 ret = btrfs_del_items(trans, root, path, 0, nr);
977 if (ret)
978 goto out;
979
980 btrfs_release_path(path);
981 }
982 ret = 0;
983out:
984 btrfs_free_path(path);
985 return ret;
986}
987
988int btrfs_quota_enable(struct btrfs_fs_info *fs_info,
989 struct btrfs_ioctl_quota_ctl_args *quota_ctl_args)
990{
991 struct btrfs_root *quota_root;
992 struct btrfs_root *tree_root = fs_info->tree_root;
993 struct btrfs_path *path = NULL;
994 struct btrfs_qgroup_status_item *ptr;
995 struct extent_buffer *leaf;
996 struct btrfs_key key;
997 struct btrfs_key found_key;
998 struct btrfs_qgroup *qgroup = NULL;
999 struct btrfs_qgroup *prealloc = NULL;
1000 struct btrfs_trans_handle *trans = NULL;
1001 struct ulist *ulist = NULL;
1002 const bool simple = (quota_ctl_args->cmd == BTRFS_QUOTA_CTL_ENABLE_SIMPLE_QUOTA);
1003 int ret = 0;
1004 int slot;
1005
1006 /*
1007 * We need to have subvol_sem write locked, to prevent races between
1008 * concurrent tasks trying to enable quotas, because we will unlock
1009 * and relock qgroup_ioctl_lock before setting fs_info->quota_root
1010 * and before setting BTRFS_FS_QUOTA_ENABLED.
1011 */
1012 lockdep_assert_held_write(&fs_info->subvol_sem);
1013
1014 if (btrfs_fs_incompat(fs_info, EXTENT_TREE_V2)) {
1015 btrfs_err(fs_info,
1016 "qgroups are currently unsupported in extent tree v2");
1017 return -EINVAL;
1018 }
1019
1020 mutex_lock(&fs_info->qgroup_ioctl_lock);
1021 if (fs_info->quota_root)
1022 goto out;
1023
1024 ulist = ulist_alloc(GFP_KERNEL);
1025 if (!ulist) {
1026 ret = -ENOMEM;
1027 goto out;
1028 }
1029
1030 ret = btrfs_sysfs_add_qgroups(fs_info);
1031 if (ret < 0)
1032 goto out;
1033
1034 /*
1035 * Unlock qgroup_ioctl_lock before starting the transaction. This is to
1036 * avoid lock acquisition inversion problems (reported by lockdep) between
1037 * qgroup_ioctl_lock and the vfs freeze semaphores, acquired when we
1038 * start a transaction.
1039 * After we started the transaction lock qgroup_ioctl_lock again and
1040 * check if someone else created the quota root in the meanwhile. If so,
1041 * just return success and release the transaction handle.
1042 *
1043 * Also we don't need to worry about someone else calling
1044 * btrfs_sysfs_add_qgroups() after we unlock and getting an error because
1045 * that function returns 0 (success) when the sysfs entries already exist.
1046 */
1047 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1048
1049 /*
1050 * 1 for quota root item
1051 * 1 for BTRFS_QGROUP_STATUS item
1052 *
1053 * Yet we also need 2*n items for a QGROUP_INFO/QGROUP_LIMIT items
1054 * per subvolume. However those are not currently reserved since it
1055 * would be a lot of overkill.
1056 */
1057 trans = btrfs_start_transaction(tree_root, 2);
1058
1059 mutex_lock(&fs_info->qgroup_ioctl_lock);
1060 if (IS_ERR(trans)) {
1061 ret = PTR_ERR(trans);
1062 trans = NULL;
1063 goto out;
1064 }
1065
1066 if (fs_info->quota_root)
1067 goto out;
1068
1069 fs_info->qgroup_ulist = ulist;
1070 ulist = NULL;
1071
1072 /*
1073 * initially create the quota tree
1074 */
1075 quota_root = btrfs_create_tree(trans, BTRFS_QUOTA_TREE_OBJECTID);
1076 if (IS_ERR(quota_root)) {
1077 ret = PTR_ERR(quota_root);
1078 btrfs_abort_transaction(trans, ret);
1079 goto out;
1080 }
1081
1082 path = btrfs_alloc_path();
1083 if (!path) {
1084 ret = -ENOMEM;
1085 btrfs_abort_transaction(trans, ret);
1086 goto out_free_root;
1087 }
1088
1089 key.objectid = 0;
1090 key.type = BTRFS_QGROUP_STATUS_KEY;
1091 key.offset = 0;
1092
1093 ret = btrfs_insert_empty_item(trans, quota_root, path, &key,
1094 sizeof(*ptr));
1095 if (ret) {
1096 btrfs_abort_transaction(trans, ret);
1097 goto out_free_path;
1098 }
1099
1100 leaf = path->nodes[0];
1101 ptr = btrfs_item_ptr(leaf, path->slots[0],
1102 struct btrfs_qgroup_status_item);
1103 btrfs_set_qgroup_status_generation(leaf, ptr, trans->transid);
1104 btrfs_set_qgroup_status_version(leaf, ptr, BTRFS_QGROUP_STATUS_VERSION);
1105 fs_info->qgroup_flags = BTRFS_QGROUP_STATUS_FLAG_ON;
1106 if (simple) {
1107 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE;
1108 btrfs_set_fs_incompat(fs_info, SIMPLE_QUOTA);
1109 btrfs_set_qgroup_status_enable_gen(leaf, ptr, trans->transid);
1110 } else {
1111 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT;
1112 }
1113 btrfs_set_qgroup_status_flags(leaf, ptr, fs_info->qgroup_flags &
1114 BTRFS_QGROUP_STATUS_FLAGS_MASK);
1115 btrfs_set_qgroup_status_rescan(leaf, ptr, 0);
1116
1117 key.objectid = 0;
1118 key.type = BTRFS_ROOT_REF_KEY;
1119 key.offset = 0;
1120
1121 btrfs_release_path(path);
1122 ret = btrfs_search_slot_for_read(tree_root, &key, path, 1, 0);
1123 if (ret > 0)
1124 goto out_add_root;
1125 if (ret < 0) {
1126 btrfs_abort_transaction(trans, ret);
1127 goto out_free_path;
1128 }
1129
1130 while (1) {
1131 slot = path->slots[0];
1132 leaf = path->nodes[0];
1133 btrfs_item_key_to_cpu(leaf, &found_key, slot);
1134
1135 if (found_key.type == BTRFS_ROOT_REF_KEY) {
1136
1137 /* Release locks on tree_root before we access quota_root */
1138 btrfs_release_path(path);
1139
1140 /* We should not have a stray @prealloc pointer. */
1141 ASSERT(prealloc == NULL);
1142 prealloc = kzalloc(sizeof(*prealloc), GFP_NOFS);
1143 if (!prealloc) {
1144 ret = -ENOMEM;
1145 btrfs_abort_transaction(trans, ret);
1146 goto out_free_path;
1147 }
1148
1149 ret = add_qgroup_item(trans, quota_root,
1150 found_key.offset);
1151 if (ret) {
1152 btrfs_abort_transaction(trans, ret);
1153 goto out_free_path;
1154 }
1155
1156 qgroup = add_qgroup_rb(fs_info, prealloc, found_key.offset);
1157 prealloc = NULL;
1158 if (IS_ERR(qgroup)) {
1159 ret = PTR_ERR(qgroup);
1160 btrfs_abort_transaction(trans, ret);
1161 goto out_free_path;
1162 }
1163 ret = btrfs_sysfs_add_one_qgroup(fs_info, qgroup);
1164 if (ret < 0) {
1165 btrfs_abort_transaction(trans, ret);
1166 goto out_free_path;
1167 }
1168 ret = btrfs_search_slot_for_read(tree_root, &found_key,
1169 path, 1, 0);
1170 if (ret < 0) {
1171 btrfs_abort_transaction(trans, ret);
1172 goto out_free_path;
1173 }
1174 if (ret > 0) {
1175 /*
1176 * Shouldn't happen, but in case it does we
1177 * don't need to do the btrfs_next_item, just
1178 * continue.
1179 */
1180 continue;
1181 }
1182 }
1183 ret = btrfs_next_item(tree_root, path);
1184 if (ret < 0) {
1185 btrfs_abort_transaction(trans, ret);
1186 goto out_free_path;
1187 }
1188 if (ret)
1189 break;
1190 }
1191
1192out_add_root:
1193 btrfs_release_path(path);
1194 ret = add_qgroup_item(trans, quota_root, BTRFS_FS_TREE_OBJECTID);
1195 if (ret) {
1196 btrfs_abort_transaction(trans, ret);
1197 goto out_free_path;
1198 }
1199
1200 ASSERT(prealloc == NULL);
1201 prealloc = kzalloc(sizeof(*prealloc), GFP_NOFS);
1202 if (!prealloc) {
1203 ret = -ENOMEM;
1204 goto out_free_path;
1205 }
1206 qgroup = add_qgroup_rb(fs_info, prealloc, BTRFS_FS_TREE_OBJECTID);
1207 prealloc = NULL;
1208 ret = btrfs_sysfs_add_one_qgroup(fs_info, qgroup);
1209 if (ret < 0) {
1210 btrfs_abort_transaction(trans, ret);
1211 goto out_free_path;
1212 }
1213
1214 fs_info->qgroup_enable_gen = trans->transid;
1215
1216 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1217 /*
1218 * Commit the transaction while not holding qgroup_ioctl_lock, to avoid
1219 * a deadlock with tasks concurrently doing other qgroup operations, such
1220 * adding/removing qgroups or adding/deleting qgroup relations for example,
1221 * because all qgroup operations first start or join a transaction and then
1222 * lock the qgroup_ioctl_lock mutex.
1223 * We are safe from a concurrent task trying to enable quotas, by calling
1224 * this function, since we are serialized by fs_info->subvol_sem.
1225 */
1226 ret = btrfs_commit_transaction(trans);
1227 trans = NULL;
1228 mutex_lock(&fs_info->qgroup_ioctl_lock);
1229 if (ret)
1230 goto out_free_path;
1231
1232 /*
1233 * Set quota enabled flag after committing the transaction, to avoid
1234 * deadlocks on fs_info->qgroup_ioctl_lock with concurrent snapshot
1235 * creation.
1236 */
1237 spin_lock(&fs_info->qgroup_lock);
1238 fs_info->quota_root = quota_root;
1239 set_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags);
1240 spin_unlock(&fs_info->qgroup_lock);
1241
1242 /* Skip rescan for simple qgroups. */
1243 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE)
1244 goto out_free_path;
1245
1246 ret = qgroup_rescan_init(fs_info, 0, 1);
1247 if (!ret) {
1248 qgroup_rescan_zero_tracking(fs_info);
1249 fs_info->qgroup_rescan_running = true;
1250 btrfs_queue_work(fs_info->qgroup_rescan_workers,
1251 &fs_info->qgroup_rescan_work);
1252 } else {
1253 /*
1254 * We have set both BTRFS_FS_QUOTA_ENABLED and
1255 * BTRFS_QGROUP_STATUS_FLAG_ON, so we can only fail with
1256 * -EINPROGRESS. That can happen because someone started the
1257 * rescan worker by calling quota rescan ioctl before we
1258 * attempted to initialize the rescan worker. Failure due to
1259 * quotas disabled in the meanwhile is not possible, because
1260 * we are holding a write lock on fs_info->subvol_sem, which
1261 * is also acquired when disabling quotas.
1262 * Ignore such error, and any other error would need to undo
1263 * everything we did in the transaction we just committed.
1264 */
1265 ASSERT(ret == -EINPROGRESS);
1266 ret = 0;
1267 }
1268
1269out_free_path:
1270 btrfs_free_path(path);
1271out_free_root:
1272 if (ret)
1273 btrfs_put_root(quota_root);
1274out:
1275 if (ret) {
1276 ulist_free(fs_info->qgroup_ulist);
1277 fs_info->qgroup_ulist = NULL;
1278 btrfs_sysfs_del_qgroups(fs_info);
1279 }
1280 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1281 if (ret && trans)
1282 btrfs_end_transaction(trans);
1283 else if (trans)
1284 ret = btrfs_end_transaction(trans);
1285 ulist_free(ulist);
1286 kfree(prealloc);
1287 return ret;
1288}
1289
1290/*
1291 * It is possible to have outstanding ordered extents which reserved bytes
1292 * before we disabled. We need to fully flush delalloc, ordered extents, and a
1293 * commit to ensure that we don't leak such reservations, only to have them
1294 * come back if we re-enable.
1295 *
1296 * - enable simple quotas
1297 * - reserve space
1298 * - release it, store rsv_bytes in OE
1299 * - disable quotas
1300 * - enable simple quotas (qgroup rsv are all 0)
1301 * - OE finishes
1302 * - run delayed refs
1303 * - free rsv_bytes, resulting in miscounting or even underflow
1304 */
1305static int flush_reservations(struct btrfs_fs_info *fs_info)
1306{
1307 int ret;
1308
1309 ret = btrfs_start_delalloc_roots(fs_info, LONG_MAX, false);
1310 if (ret)
1311 return ret;
1312 btrfs_wait_ordered_roots(fs_info, U64_MAX, NULL);
1313
1314 return btrfs_commit_current_transaction(fs_info->tree_root);
1315}
1316
1317int btrfs_quota_disable(struct btrfs_fs_info *fs_info)
1318{
1319 struct btrfs_root *quota_root = NULL;
1320 struct btrfs_trans_handle *trans = NULL;
1321 int ret = 0;
1322
1323 /*
1324 * We need to have subvol_sem write locked to prevent races with
1325 * snapshot creation.
1326 */
1327 lockdep_assert_held_write(&fs_info->subvol_sem);
1328
1329 /*
1330 * Relocation will mess with backrefs, so make sure we have the
1331 * cleaner_mutex held to protect us from relocate.
1332 */
1333 lockdep_assert_held(&fs_info->cleaner_mutex);
1334
1335 mutex_lock(&fs_info->qgroup_ioctl_lock);
1336 if (!fs_info->quota_root)
1337 goto out;
1338
1339 /*
1340 * Unlock the qgroup_ioctl_lock mutex before waiting for the rescan worker to
1341 * complete. Otherwise we can deadlock because btrfs_remove_qgroup() needs
1342 * to lock that mutex while holding a transaction handle and the rescan
1343 * worker needs to commit a transaction.
1344 */
1345 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1346
1347 /*
1348 * Request qgroup rescan worker to complete and wait for it. This wait
1349 * must be done before transaction start for quota disable since it may
1350 * deadlock with transaction by the qgroup rescan worker.
1351 */
1352 clear_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags);
1353 btrfs_qgroup_wait_for_completion(fs_info, false);
1354
1355 /*
1356 * We have nothing held here and no trans handle, just return the error
1357 * if there is one.
1358 */
1359 ret = flush_reservations(fs_info);
1360 if (ret)
1361 return ret;
1362
1363 /*
1364 * 1 For the root item
1365 *
1366 * We should also reserve enough items for the quota tree deletion in
1367 * btrfs_clean_quota_tree but this is not done.
1368 *
1369 * Also, we must always start a transaction without holding the mutex
1370 * qgroup_ioctl_lock, see btrfs_quota_enable().
1371 */
1372 trans = btrfs_start_transaction(fs_info->tree_root, 1);
1373
1374 mutex_lock(&fs_info->qgroup_ioctl_lock);
1375 if (IS_ERR(trans)) {
1376 ret = PTR_ERR(trans);
1377 trans = NULL;
1378 set_bit(BTRFS_FS_QUOTA_ENABLED, &fs_info->flags);
1379 goto out;
1380 }
1381
1382 if (!fs_info->quota_root)
1383 goto out;
1384
1385 spin_lock(&fs_info->qgroup_lock);
1386 quota_root = fs_info->quota_root;
1387 fs_info->quota_root = NULL;
1388 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_ON;
1389 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_SIMPLE_MODE;
1390 fs_info->qgroup_drop_subtree_thres = BTRFS_QGROUP_DROP_SUBTREE_THRES_DEFAULT;
1391 spin_unlock(&fs_info->qgroup_lock);
1392
1393 btrfs_free_qgroup_config(fs_info);
1394
1395 ret = btrfs_clean_quota_tree(trans, quota_root);
1396 if (ret) {
1397 btrfs_abort_transaction(trans, ret);
1398 goto out;
1399 }
1400
1401 ret = btrfs_del_root(trans, "a_root->root_key);
1402 if (ret) {
1403 btrfs_abort_transaction(trans, ret);
1404 goto out;
1405 }
1406
1407 spin_lock(&fs_info->trans_lock);
1408 list_del("a_root->dirty_list);
1409 spin_unlock(&fs_info->trans_lock);
1410
1411 btrfs_tree_lock(quota_root->node);
1412 btrfs_clear_buffer_dirty(trans, quota_root->node);
1413 btrfs_tree_unlock(quota_root->node);
1414 ret = btrfs_free_tree_block(trans, btrfs_root_id(quota_root),
1415 quota_root->node, 0, 1);
1416
1417 if (ret < 0)
1418 btrfs_abort_transaction(trans, ret);
1419
1420out:
1421 btrfs_put_root(quota_root);
1422 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1423 if (ret && trans)
1424 btrfs_end_transaction(trans);
1425 else if (trans)
1426 ret = btrfs_commit_transaction(trans);
1427 return ret;
1428}
1429
1430static void qgroup_dirty(struct btrfs_fs_info *fs_info,
1431 struct btrfs_qgroup *qgroup)
1432{
1433 if (list_empty(&qgroup->dirty))
1434 list_add(&qgroup->dirty, &fs_info->dirty_qgroups);
1435}
1436
1437static void qgroup_iterator_add(struct list_head *head, struct btrfs_qgroup *qgroup)
1438{
1439 if (!list_empty(&qgroup->iterator))
1440 return;
1441
1442 list_add_tail(&qgroup->iterator, head);
1443}
1444
1445static void qgroup_iterator_clean(struct list_head *head)
1446{
1447 while (!list_empty(head)) {
1448 struct btrfs_qgroup *qgroup;
1449
1450 qgroup = list_first_entry(head, struct btrfs_qgroup, iterator);
1451 list_del_init(&qgroup->iterator);
1452 }
1453}
1454
1455/*
1456 * The easy accounting, we're updating qgroup relationship whose child qgroup
1457 * only has exclusive extents.
1458 *
1459 * In this case, all exclusive extents will also be exclusive for parent, so
1460 * excl/rfer just get added/removed.
1461 *
1462 * So is qgroup reservation space, which should also be added/removed to
1463 * parent.
1464 * Or when child tries to release reservation space, parent will underflow its
1465 * reservation (for relationship adding case).
1466 *
1467 * Caller should hold fs_info->qgroup_lock.
1468 */
1469static int __qgroup_excl_accounting(struct btrfs_fs_info *fs_info, u64 ref_root,
1470 struct btrfs_qgroup *src, int sign)
1471{
1472 struct btrfs_qgroup *qgroup;
1473 struct btrfs_qgroup *cur;
1474 LIST_HEAD(qgroup_list);
1475 u64 num_bytes = src->excl;
1476 int ret = 0;
1477
1478 qgroup = find_qgroup_rb(fs_info, ref_root);
1479 if (!qgroup)
1480 goto out;
1481
1482 qgroup_iterator_add(&qgroup_list, qgroup);
1483 list_for_each_entry(cur, &qgroup_list, iterator) {
1484 struct btrfs_qgroup_list *glist;
1485
1486 qgroup->rfer += sign * num_bytes;
1487 qgroup->rfer_cmpr += sign * num_bytes;
1488
1489 WARN_ON(sign < 0 && qgroup->excl < num_bytes);
1490 qgroup->excl += sign * num_bytes;
1491 qgroup->excl_cmpr += sign * num_bytes;
1492
1493 if (sign > 0)
1494 qgroup_rsv_add_by_qgroup(fs_info, qgroup, src);
1495 else
1496 qgroup_rsv_release_by_qgroup(fs_info, qgroup, src);
1497 qgroup_dirty(fs_info, qgroup);
1498
1499 /* Append parent qgroups to @qgroup_list. */
1500 list_for_each_entry(glist, &qgroup->groups, next_group)
1501 qgroup_iterator_add(&qgroup_list, glist->group);
1502 }
1503 ret = 0;
1504out:
1505 qgroup_iterator_clean(&qgroup_list);
1506 return ret;
1507}
1508
1509
1510/*
1511 * Quick path for updating qgroup with only excl refs.
1512 *
1513 * In that case, just update all parent will be enough.
1514 * Or we needs to do a full rescan.
1515 * Caller should also hold fs_info->qgroup_lock.
1516 *
1517 * Return 0 for quick update, return >0 for need to full rescan
1518 * and mark INCONSISTENT flag.
1519 * Return < 0 for other error.
1520 */
1521static int quick_update_accounting(struct btrfs_fs_info *fs_info,
1522 u64 src, u64 dst, int sign)
1523{
1524 struct btrfs_qgroup *qgroup;
1525 int ret = 1;
1526
1527 qgroup = find_qgroup_rb(fs_info, src);
1528 if (!qgroup)
1529 goto out;
1530 if (qgroup->excl == qgroup->rfer) {
1531 ret = __qgroup_excl_accounting(fs_info, dst, qgroup, sign);
1532 if (ret < 0)
1533 goto out;
1534 ret = 0;
1535 }
1536out:
1537 if (ret)
1538 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT;
1539 return ret;
1540}
1541
1542/*
1543 * Add relation between @src and @dst qgroup. The @prealloc is allocated by the
1544 * callers and transferred here (either used or freed on error).
1545 */
1546int btrfs_add_qgroup_relation(struct btrfs_trans_handle *trans, u64 src, u64 dst,
1547 struct btrfs_qgroup_list *prealloc)
1548{
1549 struct btrfs_fs_info *fs_info = trans->fs_info;
1550 struct btrfs_qgroup *parent;
1551 struct btrfs_qgroup *member;
1552 struct btrfs_qgroup_list *list;
1553 int ret = 0;
1554
1555 ASSERT(prealloc);
1556
1557 /* Check the level of src and dst first */
1558 if (btrfs_qgroup_level(src) >= btrfs_qgroup_level(dst))
1559 return -EINVAL;
1560
1561 mutex_lock(&fs_info->qgroup_ioctl_lock);
1562 if (!fs_info->quota_root) {
1563 ret = -ENOTCONN;
1564 goto out;
1565 }
1566 member = find_qgroup_rb(fs_info, src);
1567 parent = find_qgroup_rb(fs_info, dst);
1568 if (!member || !parent) {
1569 ret = -EINVAL;
1570 goto out;
1571 }
1572
1573 /* check if such qgroup relation exist firstly */
1574 list_for_each_entry(list, &member->groups, next_group) {
1575 if (list->group == parent) {
1576 ret = -EEXIST;
1577 goto out;
1578 }
1579 }
1580
1581 ret = add_qgroup_relation_item(trans, src, dst);
1582 if (ret)
1583 goto out;
1584
1585 ret = add_qgroup_relation_item(trans, dst, src);
1586 if (ret) {
1587 del_qgroup_relation_item(trans, src, dst);
1588 goto out;
1589 }
1590
1591 spin_lock(&fs_info->qgroup_lock);
1592 ret = __add_relation_rb(prealloc, member, parent);
1593 prealloc = NULL;
1594 if (ret < 0) {
1595 spin_unlock(&fs_info->qgroup_lock);
1596 goto out;
1597 }
1598 ret = quick_update_accounting(fs_info, src, dst, 1);
1599 spin_unlock(&fs_info->qgroup_lock);
1600out:
1601 kfree(prealloc);
1602 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1603 return ret;
1604}
1605
1606static int __del_qgroup_relation(struct btrfs_trans_handle *trans, u64 src,
1607 u64 dst)
1608{
1609 struct btrfs_fs_info *fs_info = trans->fs_info;
1610 struct btrfs_qgroup *parent;
1611 struct btrfs_qgroup *member;
1612 struct btrfs_qgroup_list *list;
1613 bool found = false;
1614 int ret = 0;
1615 int ret2;
1616
1617 if (!fs_info->quota_root) {
1618 ret = -ENOTCONN;
1619 goto out;
1620 }
1621
1622 member = find_qgroup_rb(fs_info, src);
1623 parent = find_qgroup_rb(fs_info, dst);
1624 /*
1625 * The parent/member pair doesn't exist, then try to delete the dead
1626 * relation items only.
1627 */
1628 if (!member || !parent)
1629 goto delete_item;
1630
1631 /* check if such qgroup relation exist firstly */
1632 list_for_each_entry(list, &member->groups, next_group) {
1633 if (list->group == parent) {
1634 found = true;
1635 break;
1636 }
1637 }
1638
1639delete_item:
1640 ret = del_qgroup_relation_item(trans, src, dst);
1641 if (ret < 0 && ret != -ENOENT)
1642 goto out;
1643 ret2 = del_qgroup_relation_item(trans, dst, src);
1644 if (ret2 < 0 && ret2 != -ENOENT)
1645 goto out;
1646
1647 /* At least one deletion succeeded, return 0 */
1648 if (!ret || !ret2)
1649 ret = 0;
1650
1651 if (found) {
1652 spin_lock(&fs_info->qgroup_lock);
1653 del_relation_rb(fs_info, src, dst);
1654 ret = quick_update_accounting(fs_info, src, dst, -1);
1655 spin_unlock(&fs_info->qgroup_lock);
1656 }
1657out:
1658 return ret;
1659}
1660
1661int btrfs_del_qgroup_relation(struct btrfs_trans_handle *trans, u64 src,
1662 u64 dst)
1663{
1664 struct btrfs_fs_info *fs_info = trans->fs_info;
1665 int ret = 0;
1666
1667 mutex_lock(&fs_info->qgroup_ioctl_lock);
1668 ret = __del_qgroup_relation(trans, src, dst);
1669 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1670
1671 return ret;
1672}
1673
1674int btrfs_create_qgroup(struct btrfs_trans_handle *trans, u64 qgroupid)
1675{
1676 struct btrfs_fs_info *fs_info = trans->fs_info;
1677 struct btrfs_root *quota_root;
1678 struct btrfs_qgroup *qgroup;
1679 struct btrfs_qgroup *prealloc = NULL;
1680 int ret = 0;
1681
1682 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED)
1683 return 0;
1684
1685 mutex_lock(&fs_info->qgroup_ioctl_lock);
1686 if (!fs_info->quota_root) {
1687 ret = -ENOTCONN;
1688 goto out;
1689 }
1690 quota_root = fs_info->quota_root;
1691 qgroup = find_qgroup_rb(fs_info, qgroupid);
1692 if (qgroup) {
1693 ret = -EEXIST;
1694 goto out;
1695 }
1696
1697 prealloc = kzalloc(sizeof(*prealloc), GFP_NOFS);
1698 if (!prealloc) {
1699 ret = -ENOMEM;
1700 goto out;
1701 }
1702
1703 ret = add_qgroup_item(trans, quota_root, qgroupid);
1704 if (ret)
1705 goto out;
1706
1707 spin_lock(&fs_info->qgroup_lock);
1708 qgroup = add_qgroup_rb(fs_info, prealloc, qgroupid);
1709 spin_unlock(&fs_info->qgroup_lock);
1710 prealloc = NULL;
1711
1712 ret = btrfs_sysfs_add_one_qgroup(fs_info, qgroup);
1713out:
1714 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1715 kfree(prealloc);
1716 return ret;
1717}
1718
1719/*
1720 * Return 0 if we can not delete the qgroup (not empty or has children etc).
1721 * Return >0 if we can delete the qgroup.
1722 * Return <0 for other errors during tree search.
1723 */
1724static int can_delete_qgroup(struct btrfs_fs_info *fs_info, struct btrfs_qgroup *qgroup)
1725{
1726 struct btrfs_key key;
1727 struct btrfs_path *path;
1728 int ret;
1729
1730 /*
1731 * Squota would never be inconsistent, but there can still be case
1732 * where a dropped subvolume still has qgroup numbers, and squota
1733 * relies on such qgroup for future accounting.
1734 *
1735 * So for squota, do not allow dropping any non-zero qgroup.
1736 */
1737 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE &&
1738 (qgroup->rfer || qgroup->excl || qgroup->excl_cmpr || qgroup->rfer_cmpr))
1739 return 0;
1740
1741 /* For higher level qgroup, we can only delete it if it has no child. */
1742 if (btrfs_qgroup_level(qgroup->qgroupid)) {
1743 if (!list_empty(&qgroup->members))
1744 return 0;
1745 return 1;
1746 }
1747
1748 /*
1749 * For level-0 qgroups, we can only delete it if it has no subvolume
1750 * for it.
1751 * This means even a subvolume is unlinked but not yet fully dropped,
1752 * we can not delete the qgroup.
1753 */
1754 key.objectid = qgroup->qgroupid;
1755 key.type = BTRFS_ROOT_ITEM_KEY;
1756 key.offset = -1ULL;
1757 path = btrfs_alloc_path();
1758 if (!path)
1759 return -ENOMEM;
1760
1761 ret = btrfs_find_root(fs_info->tree_root, &key, path, NULL, NULL);
1762 btrfs_free_path(path);
1763 /*
1764 * The @ret from btrfs_find_root() exactly matches our definition for
1765 * the return value, thus can be returned directly.
1766 */
1767 return ret;
1768}
1769
1770int btrfs_remove_qgroup(struct btrfs_trans_handle *trans, u64 qgroupid)
1771{
1772 struct btrfs_fs_info *fs_info = trans->fs_info;
1773 struct btrfs_qgroup *qgroup;
1774 struct btrfs_qgroup_list *list;
1775 int ret = 0;
1776
1777 mutex_lock(&fs_info->qgroup_ioctl_lock);
1778 if (!fs_info->quota_root) {
1779 ret = -ENOTCONN;
1780 goto out;
1781 }
1782
1783 qgroup = find_qgroup_rb(fs_info, qgroupid);
1784 if (!qgroup) {
1785 ret = -ENOENT;
1786 goto out;
1787 }
1788
1789 ret = can_delete_qgroup(fs_info, qgroup);
1790 if (ret < 0)
1791 goto out;
1792 if (ret == 0) {
1793 ret = -EBUSY;
1794 goto out;
1795 }
1796
1797 /* Check if there are no children of this qgroup */
1798 if (!list_empty(&qgroup->members)) {
1799 ret = -EBUSY;
1800 goto out;
1801 }
1802
1803 ret = del_qgroup_item(trans, qgroupid);
1804 if (ret && ret != -ENOENT)
1805 goto out;
1806
1807 while (!list_empty(&qgroup->groups)) {
1808 list = list_first_entry(&qgroup->groups,
1809 struct btrfs_qgroup_list, next_group);
1810 ret = __del_qgroup_relation(trans, qgroupid,
1811 list->group->qgroupid);
1812 if (ret)
1813 goto out;
1814 }
1815
1816 spin_lock(&fs_info->qgroup_lock);
1817 /*
1818 * Warn on reserved space. The subvolume should has no child nor
1819 * corresponding subvolume.
1820 * Thus its reserved space should all be zero, no matter if qgroup
1821 * is consistent or the mode.
1822 */
1823 if (qgroup->rsv.values[BTRFS_QGROUP_RSV_DATA] ||
1824 qgroup->rsv.values[BTRFS_QGROUP_RSV_META_PREALLOC] ||
1825 qgroup->rsv.values[BTRFS_QGROUP_RSV_META_PERTRANS]) {
1826 WARN_ON(IS_ENABLED(CONFIG_BTRFS_DEBUG));
1827 btrfs_warn_rl(fs_info,
1828"to be deleted qgroup %u/%llu has non-zero numbers, data %llu meta prealloc %llu meta pertrans %llu",
1829 btrfs_qgroup_level(qgroup->qgroupid),
1830 btrfs_qgroup_subvolid(qgroup->qgroupid),
1831 qgroup->rsv.values[BTRFS_QGROUP_RSV_DATA],
1832 qgroup->rsv.values[BTRFS_QGROUP_RSV_META_PREALLOC],
1833 qgroup->rsv.values[BTRFS_QGROUP_RSV_META_PERTRANS]);
1834
1835 }
1836 /*
1837 * The same for rfer/excl numbers, but that's only if our qgroup is
1838 * consistent and if it's in regular qgroup mode.
1839 * For simple mode it's not as accurate thus we can hit non-zero values
1840 * very frequently.
1841 */
1842 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_FULL &&
1843 !(fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT)) {
1844 if (qgroup->rfer || qgroup->excl ||
1845 qgroup->rfer_cmpr || qgroup->excl_cmpr) {
1846 WARN_ON(IS_ENABLED(CONFIG_BTRFS_DEBUG));
1847 btrfs_warn_rl(fs_info,
1848"to be deleted qgroup %u/%llu has non-zero numbers, rfer %llu rfer_cmpr %llu excl %llu excl_cmpr %llu",
1849 btrfs_qgroup_level(qgroup->qgroupid),
1850 btrfs_qgroup_subvolid(qgroup->qgroupid),
1851 qgroup->rfer, qgroup->rfer_cmpr,
1852 qgroup->excl, qgroup->excl_cmpr);
1853 qgroup_mark_inconsistent(fs_info);
1854 }
1855 }
1856 del_qgroup_rb(fs_info, qgroupid);
1857 spin_unlock(&fs_info->qgroup_lock);
1858
1859 /*
1860 * Remove the qgroup from sysfs now without holding the qgroup_lock
1861 * spinlock, since the sysfs_remove_group() function needs to take
1862 * the mutex kernfs_mutex through kernfs_remove_by_name_ns().
1863 */
1864 btrfs_sysfs_del_one_qgroup(fs_info, qgroup);
1865 kfree(qgroup);
1866out:
1867 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1868 return ret;
1869}
1870
1871int btrfs_qgroup_cleanup_dropped_subvolume(struct btrfs_fs_info *fs_info, u64 subvolid)
1872{
1873 struct btrfs_trans_handle *trans;
1874 int ret;
1875
1876 if (!is_fstree(subvolid) || !btrfs_qgroup_enabled(fs_info) || !fs_info->quota_root)
1877 return 0;
1878
1879 /*
1880 * Commit current transaction to make sure all the rfer/excl numbers
1881 * get updated.
1882 */
1883 trans = btrfs_start_transaction(fs_info->quota_root, 0);
1884 if (IS_ERR(trans))
1885 return PTR_ERR(trans);
1886
1887 ret = btrfs_commit_transaction(trans);
1888 if (ret < 0)
1889 return ret;
1890
1891 /* Start new trans to delete the qgroup info and limit items. */
1892 trans = btrfs_start_transaction(fs_info->quota_root, 2);
1893 if (IS_ERR(trans))
1894 return PTR_ERR(trans);
1895 ret = btrfs_remove_qgroup(trans, subvolid);
1896 btrfs_end_transaction(trans);
1897 /*
1898 * It's squota and the subvolume still has numbers needed for future
1899 * accounting, in this case we can not delete it. Just skip it.
1900 */
1901 if (ret == -EBUSY)
1902 ret = 0;
1903 return ret;
1904}
1905
1906int btrfs_limit_qgroup(struct btrfs_trans_handle *trans, u64 qgroupid,
1907 struct btrfs_qgroup_limit *limit)
1908{
1909 struct btrfs_fs_info *fs_info = trans->fs_info;
1910 struct btrfs_qgroup *qgroup;
1911 int ret = 0;
1912 /* Sometimes we would want to clear the limit on this qgroup.
1913 * To meet this requirement, we treat the -1 as a special value
1914 * which tell kernel to clear the limit on this qgroup.
1915 */
1916 const u64 CLEAR_VALUE = -1;
1917
1918 mutex_lock(&fs_info->qgroup_ioctl_lock);
1919 if (!fs_info->quota_root) {
1920 ret = -ENOTCONN;
1921 goto out;
1922 }
1923
1924 qgroup = find_qgroup_rb(fs_info, qgroupid);
1925 if (!qgroup) {
1926 ret = -ENOENT;
1927 goto out;
1928 }
1929
1930 spin_lock(&fs_info->qgroup_lock);
1931 if (limit->flags & BTRFS_QGROUP_LIMIT_MAX_RFER) {
1932 if (limit->max_rfer == CLEAR_VALUE) {
1933 qgroup->lim_flags &= ~BTRFS_QGROUP_LIMIT_MAX_RFER;
1934 limit->flags &= ~BTRFS_QGROUP_LIMIT_MAX_RFER;
1935 qgroup->max_rfer = 0;
1936 } else {
1937 qgroup->max_rfer = limit->max_rfer;
1938 }
1939 }
1940 if (limit->flags & BTRFS_QGROUP_LIMIT_MAX_EXCL) {
1941 if (limit->max_excl == CLEAR_VALUE) {
1942 qgroup->lim_flags &= ~BTRFS_QGROUP_LIMIT_MAX_EXCL;
1943 limit->flags &= ~BTRFS_QGROUP_LIMIT_MAX_EXCL;
1944 qgroup->max_excl = 0;
1945 } else {
1946 qgroup->max_excl = limit->max_excl;
1947 }
1948 }
1949 if (limit->flags & BTRFS_QGROUP_LIMIT_RSV_RFER) {
1950 if (limit->rsv_rfer == CLEAR_VALUE) {
1951 qgroup->lim_flags &= ~BTRFS_QGROUP_LIMIT_RSV_RFER;
1952 limit->flags &= ~BTRFS_QGROUP_LIMIT_RSV_RFER;
1953 qgroup->rsv_rfer = 0;
1954 } else {
1955 qgroup->rsv_rfer = limit->rsv_rfer;
1956 }
1957 }
1958 if (limit->flags & BTRFS_QGROUP_LIMIT_RSV_EXCL) {
1959 if (limit->rsv_excl == CLEAR_VALUE) {
1960 qgroup->lim_flags &= ~BTRFS_QGROUP_LIMIT_RSV_EXCL;
1961 limit->flags &= ~BTRFS_QGROUP_LIMIT_RSV_EXCL;
1962 qgroup->rsv_excl = 0;
1963 } else {
1964 qgroup->rsv_excl = limit->rsv_excl;
1965 }
1966 }
1967 qgroup->lim_flags |= limit->flags;
1968
1969 spin_unlock(&fs_info->qgroup_lock);
1970
1971 ret = update_qgroup_limit_item(trans, qgroup);
1972 if (ret) {
1973 qgroup_mark_inconsistent(fs_info);
1974 btrfs_info(fs_info, "unable to update quota limit for %llu",
1975 qgroupid);
1976 }
1977
1978out:
1979 mutex_unlock(&fs_info->qgroup_ioctl_lock);
1980 return ret;
1981}
1982
1983/*
1984 * Inform qgroup to trace one dirty extent, its info is recorded in @record.
1985 * So qgroup can account it at transaction committing time.
1986 *
1987 * No lock version, caller must acquire delayed ref lock and allocated memory,
1988 * then call btrfs_qgroup_trace_extent_post() after exiting lock context.
1989 *
1990 * Return 0 for success insert
1991 * Return >0 for existing record, caller can free @record safely.
1992 * Return <0 for insertion failure, caller can free @record safely.
1993 */
1994int btrfs_qgroup_trace_extent_nolock(struct btrfs_fs_info *fs_info,
1995 struct btrfs_delayed_ref_root *delayed_refs,
1996 struct btrfs_qgroup_extent_record *record,
1997 u64 bytenr)
1998{
1999 struct btrfs_qgroup_extent_record *existing, *ret;
2000 const unsigned long index = (bytenr >> fs_info->sectorsize_bits);
2001
2002 if (!btrfs_qgroup_full_accounting(fs_info))
2003 return 1;
2004
2005#if BITS_PER_LONG == 32
2006 if (bytenr >= MAX_LFS_FILESIZE) {
2007 btrfs_err_rl(fs_info,
2008"qgroup record for extent at %llu is beyond 32bit page cache and xarray index limit",
2009 bytenr);
2010 btrfs_err_32bit_limit(fs_info);
2011 return -EOVERFLOW;
2012 }
2013#endif
2014
2015 trace_btrfs_qgroup_trace_extent(fs_info, record, bytenr);
2016
2017 xa_lock(&delayed_refs->dirty_extents);
2018 existing = xa_load(&delayed_refs->dirty_extents, index);
2019 if (existing) {
2020 if (record->data_rsv && !existing->data_rsv) {
2021 existing->data_rsv = record->data_rsv;
2022 existing->data_rsv_refroot = record->data_rsv_refroot;
2023 }
2024 xa_unlock(&delayed_refs->dirty_extents);
2025 return 1;
2026 }
2027
2028 ret = __xa_store(&delayed_refs->dirty_extents, index, record, GFP_ATOMIC);
2029 xa_unlock(&delayed_refs->dirty_extents);
2030 if (xa_is_err(ret)) {
2031 qgroup_mark_inconsistent(fs_info);
2032 return xa_err(ret);
2033 }
2034
2035 return 0;
2036}
2037
2038/*
2039 * Post handler after qgroup_trace_extent_nolock().
2040 *
2041 * NOTE: Current qgroup does the expensive backref walk at transaction
2042 * committing time with TRANS_STATE_COMMIT_DOING, this blocks incoming
2043 * new transaction.
2044 * This is designed to allow btrfs_find_all_roots() to get correct new_roots
2045 * result.
2046 *
2047 * However for old_roots there is no need to do backref walk at that time,
2048 * since we search commit roots to walk backref and result will always be
2049 * correct.
2050 *
2051 * Due to the nature of no lock version, we can't do backref there.
2052 * So we must call btrfs_qgroup_trace_extent_post() after exiting
2053 * spinlock context.
2054 *
2055 * TODO: If we can fix and prove btrfs_find_all_roots() can get correct result
2056 * using current root, then we can move all expensive backref walk out of
2057 * transaction committing, but not now as qgroup accounting will be wrong again.
2058 */
2059int btrfs_qgroup_trace_extent_post(struct btrfs_trans_handle *trans,
2060 struct btrfs_qgroup_extent_record *qrecord,
2061 u64 bytenr)
2062{
2063 struct btrfs_fs_info *fs_info = trans->fs_info;
2064 struct btrfs_backref_walk_ctx ctx = {
2065 .bytenr = bytenr,
2066 .fs_info = fs_info,
2067 };
2068 int ret;
2069
2070 if (!btrfs_qgroup_full_accounting(fs_info))
2071 return 0;
2072 /*
2073 * We are always called in a context where we are already holding a
2074 * transaction handle. Often we are called when adding a data delayed
2075 * reference from btrfs_truncate_inode_items() (truncating or unlinking),
2076 * in which case we will be holding a write lock on extent buffer from a
2077 * subvolume tree. In this case we can't allow btrfs_find_all_roots() to
2078 * acquire fs_info->commit_root_sem, because that is a higher level lock
2079 * that must be acquired before locking any extent buffers.
2080 *
2081 * So we want btrfs_find_all_roots() to not acquire the commit_root_sem
2082 * but we can't pass it a non-NULL transaction handle, because otherwise
2083 * it would not use commit roots and would lock extent buffers, causing
2084 * a deadlock if it ends up trying to read lock the same extent buffer
2085 * that was previously write locked at btrfs_truncate_inode_items().
2086 *
2087 * So pass a NULL transaction handle to btrfs_find_all_roots() and
2088 * explicitly tell it to not acquire the commit_root_sem - if we are
2089 * holding a transaction handle we don't need its protection.
2090 */
2091 ASSERT(trans != NULL);
2092
2093 if (fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING)
2094 return 0;
2095
2096 ret = btrfs_find_all_roots(&ctx, true);
2097 if (ret < 0) {
2098 qgroup_mark_inconsistent(fs_info);
2099 btrfs_warn(fs_info,
2100"error accounting new delayed refs extent (err code: %d), quota inconsistent",
2101 ret);
2102 return 0;
2103 }
2104
2105 /*
2106 * Here we don't need to get the lock of
2107 * trans->transaction->delayed_refs, since inserted qrecord won't
2108 * be deleted, only qrecord->node may be modified (new qrecord insert)
2109 *
2110 * So modifying qrecord->old_roots is safe here
2111 */
2112 qrecord->old_roots = ctx.roots;
2113 return 0;
2114}
2115
2116/*
2117 * Inform qgroup to trace one dirty extent, specified by @bytenr and
2118 * @num_bytes.
2119 * So qgroup can account it at commit trans time.
2120 *
2121 * Better encapsulated version, with memory allocation and backref walk for
2122 * commit roots.
2123 * So this can sleep.
2124 *
2125 * Return 0 if the operation is done.
2126 * Return <0 for error, like memory allocation failure or invalid parameter
2127 * (NULL trans)
2128 */
2129int btrfs_qgroup_trace_extent(struct btrfs_trans_handle *trans, u64 bytenr,
2130 u64 num_bytes)
2131{
2132 struct btrfs_fs_info *fs_info = trans->fs_info;
2133 struct btrfs_qgroup_extent_record *record;
2134 struct btrfs_delayed_ref_root *delayed_refs = &trans->transaction->delayed_refs;
2135 const unsigned long index = (bytenr >> fs_info->sectorsize_bits);
2136 int ret;
2137
2138 if (!btrfs_qgroup_full_accounting(fs_info) || bytenr == 0 || num_bytes == 0)
2139 return 0;
2140 record = kzalloc(sizeof(*record), GFP_NOFS);
2141 if (!record)
2142 return -ENOMEM;
2143
2144 if (xa_reserve(&delayed_refs->dirty_extents, index, GFP_NOFS)) {
2145 kfree(record);
2146 return -ENOMEM;
2147 }
2148
2149 record->num_bytes = num_bytes;
2150
2151 ret = btrfs_qgroup_trace_extent_nolock(fs_info, delayed_refs, record, bytenr);
2152 if (ret) {
2153 /* Clean up if insertion fails or item exists. */
2154 xa_release(&delayed_refs->dirty_extents, index);
2155 kfree(record);
2156 return 0;
2157 }
2158 return btrfs_qgroup_trace_extent_post(trans, record, bytenr);
2159}
2160
2161/*
2162 * Inform qgroup to trace all leaf items of data
2163 *
2164 * Return 0 for success
2165 * Return <0 for error(ENOMEM)
2166 */
2167int btrfs_qgroup_trace_leaf_items(struct btrfs_trans_handle *trans,
2168 struct extent_buffer *eb)
2169{
2170 struct btrfs_fs_info *fs_info = trans->fs_info;
2171 int nr = btrfs_header_nritems(eb);
2172 int i, extent_type, ret;
2173 struct btrfs_key key;
2174 struct btrfs_file_extent_item *fi;
2175 u64 bytenr, num_bytes;
2176
2177 /* We can be called directly from walk_up_proc() */
2178 if (!btrfs_qgroup_full_accounting(fs_info))
2179 return 0;
2180
2181 for (i = 0; i < nr; i++) {
2182 btrfs_item_key_to_cpu(eb, &key, i);
2183
2184 if (key.type != BTRFS_EXTENT_DATA_KEY)
2185 continue;
2186
2187 fi = btrfs_item_ptr(eb, i, struct btrfs_file_extent_item);
2188 /* filter out non qgroup-accountable extents */
2189 extent_type = btrfs_file_extent_type(eb, fi);
2190
2191 if (extent_type == BTRFS_FILE_EXTENT_INLINE)
2192 continue;
2193
2194 bytenr = btrfs_file_extent_disk_bytenr(eb, fi);
2195 if (!bytenr)
2196 continue;
2197
2198 num_bytes = btrfs_file_extent_disk_num_bytes(eb, fi);
2199
2200 ret = btrfs_qgroup_trace_extent(trans, bytenr, num_bytes);
2201 if (ret)
2202 return ret;
2203 }
2204 cond_resched();
2205 return 0;
2206}
2207
2208/*
2209 * Walk up the tree from the bottom, freeing leaves and any interior
2210 * nodes which have had all slots visited. If a node (leaf or
2211 * interior) is freed, the node above it will have it's slot
2212 * incremented. The root node will never be freed.
2213 *
2214 * At the end of this function, we should have a path which has all
2215 * slots incremented to the next position for a search. If we need to
2216 * read a new node it will be NULL and the node above it will have the
2217 * correct slot selected for a later read.
2218 *
2219 * If we increment the root nodes slot counter past the number of
2220 * elements, 1 is returned to signal completion of the search.
2221 */
2222static int adjust_slots_upwards(struct btrfs_path *path, int root_level)
2223{
2224 int level = 0;
2225 int nr, slot;
2226 struct extent_buffer *eb;
2227
2228 if (root_level == 0)
2229 return 1;
2230
2231 while (level <= root_level) {
2232 eb = path->nodes[level];
2233 nr = btrfs_header_nritems(eb);
2234 path->slots[level]++;
2235 slot = path->slots[level];
2236 if (slot >= nr || level == 0) {
2237 /*
2238 * Don't free the root - we will detect this
2239 * condition after our loop and return a
2240 * positive value for caller to stop walking the tree.
2241 */
2242 if (level != root_level) {
2243 btrfs_tree_unlock_rw(eb, path->locks[level]);
2244 path->locks[level] = 0;
2245
2246 free_extent_buffer(eb);
2247 path->nodes[level] = NULL;
2248 path->slots[level] = 0;
2249 }
2250 } else {
2251 /*
2252 * We have a valid slot to walk back down
2253 * from. Stop here so caller can process these
2254 * new nodes.
2255 */
2256 break;
2257 }
2258
2259 level++;
2260 }
2261
2262 eb = path->nodes[root_level];
2263 if (path->slots[root_level] >= btrfs_header_nritems(eb))
2264 return 1;
2265
2266 return 0;
2267}
2268
2269/*
2270 * Helper function to trace a subtree tree block swap.
2271 *
2272 * The swap will happen in highest tree block, but there may be a lot of
2273 * tree blocks involved.
2274 *
2275 * For example:
2276 * OO = Old tree blocks
2277 * NN = New tree blocks allocated during balance
2278 *
2279 * File tree (257) Reloc tree for 257
2280 * L2 OO NN
2281 * / \ / \
2282 * L1 OO OO (a) OO NN (a)
2283 * / \ / \ / \ / \
2284 * L0 OO OO OO OO OO OO NN NN
2285 * (b) (c) (b) (c)
2286 *
2287 * When calling qgroup_trace_extent_swap(), we will pass:
2288 * @src_eb = OO(a)
2289 * @dst_path = [ nodes[1] = NN(a), nodes[0] = NN(c) ]
2290 * @dst_level = 0
2291 * @root_level = 1
2292 *
2293 * In that case, qgroup_trace_extent_swap() will search from OO(a) to
2294 * reach OO(c), then mark both OO(c) and NN(c) as qgroup dirty.
2295 *
2296 * The main work of qgroup_trace_extent_swap() can be split into 3 parts:
2297 *
2298 * 1) Tree search from @src_eb
2299 * It should acts as a simplified btrfs_search_slot().
2300 * The key for search can be extracted from @dst_path->nodes[dst_level]
2301 * (first key).
2302 *
2303 * 2) Mark the final tree blocks in @src_path and @dst_path qgroup dirty
2304 * NOTE: In above case, OO(a) and NN(a) won't be marked qgroup dirty.
2305 * They should be marked during previous (@dst_level = 1) iteration.
2306 *
2307 * 3) Mark file extents in leaves dirty
2308 * We don't have good way to pick out new file extents only.
2309 * So we still follow the old method by scanning all file extents in
2310 * the leave.
2311 *
2312 * This function can free us from keeping two paths, thus later we only need
2313 * to care about how to iterate all new tree blocks in reloc tree.
2314 */
2315static int qgroup_trace_extent_swap(struct btrfs_trans_handle* trans,
2316 struct extent_buffer *src_eb,
2317 struct btrfs_path *dst_path,
2318 int dst_level, int root_level,
2319 bool trace_leaf)
2320{
2321 struct btrfs_key key;
2322 struct btrfs_path *src_path;
2323 struct btrfs_fs_info *fs_info = trans->fs_info;
2324 u32 nodesize = fs_info->nodesize;
2325 int cur_level = root_level;
2326 int ret;
2327
2328 BUG_ON(dst_level > root_level);
2329 /* Level mismatch */
2330 if (btrfs_header_level(src_eb) != root_level)
2331 return -EINVAL;
2332
2333 src_path = btrfs_alloc_path();
2334 if (!src_path) {
2335 ret = -ENOMEM;
2336 goto out;
2337 }
2338
2339 if (dst_level)
2340 btrfs_node_key_to_cpu(dst_path->nodes[dst_level], &key, 0);
2341 else
2342 btrfs_item_key_to_cpu(dst_path->nodes[dst_level], &key, 0);
2343
2344 /* For src_path */
2345 atomic_inc(&src_eb->refs);
2346 src_path->nodes[root_level] = src_eb;
2347 src_path->slots[root_level] = dst_path->slots[root_level];
2348 src_path->locks[root_level] = 0;
2349
2350 /* A simplified version of btrfs_search_slot() */
2351 while (cur_level >= dst_level) {
2352 struct btrfs_key src_key;
2353 struct btrfs_key dst_key;
2354
2355 if (src_path->nodes[cur_level] == NULL) {
2356 struct extent_buffer *eb;
2357 int parent_slot;
2358
2359 eb = src_path->nodes[cur_level + 1];
2360 parent_slot = src_path->slots[cur_level + 1];
2361
2362 eb = btrfs_read_node_slot(eb, parent_slot);
2363 if (IS_ERR(eb)) {
2364 ret = PTR_ERR(eb);
2365 goto out;
2366 }
2367
2368 src_path->nodes[cur_level] = eb;
2369
2370 btrfs_tree_read_lock(eb);
2371 src_path->locks[cur_level] = BTRFS_READ_LOCK;
2372 }
2373
2374 src_path->slots[cur_level] = dst_path->slots[cur_level];
2375 if (cur_level) {
2376 btrfs_node_key_to_cpu(dst_path->nodes[cur_level],
2377 &dst_key, dst_path->slots[cur_level]);
2378 btrfs_node_key_to_cpu(src_path->nodes[cur_level],
2379 &src_key, src_path->slots[cur_level]);
2380 } else {
2381 btrfs_item_key_to_cpu(dst_path->nodes[cur_level],
2382 &dst_key, dst_path->slots[cur_level]);
2383 btrfs_item_key_to_cpu(src_path->nodes[cur_level],
2384 &src_key, src_path->slots[cur_level]);
2385 }
2386 /* Content mismatch, something went wrong */
2387 if (btrfs_comp_cpu_keys(&dst_key, &src_key)) {
2388 ret = -ENOENT;
2389 goto out;
2390 }
2391 cur_level--;
2392 }
2393
2394 /*
2395 * Now both @dst_path and @src_path have been populated, record the tree
2396 * blocks for qgroup accounting.
2397 */
2398 ret = btrfs_qgroup_trace_extent(trans, src_path->nodes[dst_level]->start,
2399 nodesize);
2400 if (ret < 0)
2401 goto out;
2402 ret = btrfs_qgroup_trace_extent(trans, dst_path->nodes[dst_level]->start,
2403 nodesize);
2404 if (ret < 0)
2405 goto out;
2406
2407 /* Record leaf file extents */
2408 if (dst_level == 0 && trace_leaf) {
2409 ret = btrfs_qgroup_trace_leaf_items(trans, src_path->nodes[0]);
2410 if (ret < 0)
2411 goto out;
2412 ret = btrfs_qgroup_trace_leaf_items(trans, dst_path->nodes[0]);
2413 }
2414out:
2415 btrfs_free_path(src_path);
2416 return ret;
2417}
2418
2419/*
2420 * Helper function to do recursive generation-aware depth-first search, to
2421 * locate all new tree blocks in a subtree of reloc tree.
2422 *
2423 * E.g. (OO = Old tree blocks, NN = New tree blocks, whose gen == last_snapshot)
2424 * reloc tree
2425 * L2 NN (a)
2426 * / \
2427 * L1 OO NN (b)
2428 * / \ / \
2429 * L0 OO OO OO NN
2430 * (c) (d)
2431 * If we pass:
2432 * @dst_path = [ nodes[1] = NN(b), nodes[0] = NULL ],
2433 * @cur_level = 1
2434 * @root_level = 1
2435 *
2436 * We will iterate through tree blocks NN(b), NN(d) and info qgroup to trace
2437 * above tree blocks along with their counter parts in file tree.
2438 * While during search, old tree blocks OO(c) will be skipped as tree block swap
2439 * won't affect OO(c).
2440 */
2441static int qgroup_trace_new_subtree_blocks(struct btrfs_trans_handle* trans,
2442 struct extent_buffer *src_eb,
2443 struct btrfs_path *dst_path,
2444 int cur_level, int root_level,
2445 u64 last_snapshot, bool trace_leaf)
2446{
2447 struct btrfs_fs_info *fs_info = trans->fs_info;
2448 struct extent_buffer *eb;
2449 bool need_cleanup = false;
2450 int ret = 0;
2451 int i;
2452
2453 /* Level sanity check */
2454 if (cur_level < 0 || cur_level >= BTRFS_MAX_LEVEL - 1 ||
2455 root_level < 0 || root_level >= BTRFS_MAX_LEVEL - 1 ||
2456 root_level < cur_level) {
2457 btrfs_err_rl(fs_info,
2458 "%s: bad levels, cur_level=%d root_level=%d",
2459 __func__, cur_level, root_level);
2460 return -EUCLEAN;
2461 }
2462
2463 /* Read the tree block if needed */
2464 if (dst_path->nodes[cur_level] == NULL) {
2465 int parent_slot;
2466 u64 child_gen;
2467
2468 /*
2469 * dst_path->nodes[root_level] must be initialized before
2470 * calling this function.
2471 */
2472 if (cur_level == root_level) {
2473 btrfs_err_rl(fs_info,
2474 "%s: dst_path->nodes[%d] not initialized, root_level=%d cur_level=%d",
2475 __func__, root_level, root_level, cur_level);
2476 return -EUCLEAN;
2477 }
2478
2479 /*
2480 * We need to get child blockptr/gen from parent before we can
2481 * read it.
2482 */
2483 eb = dst_path->nodes[cur_level + 1];
2484 parent_slot = dst_path->slots[cur_level + 1];
2485 child_gen = btrfs_node_ptr_generation(eb, parent_slot);
2486
2487 /* This node is old, no need to trace */
2488 if (child_gen < last_snapshot)
2489 goto out;
2490
2491 eb = btrfs_read_node_slot(eb, parent_slot);
2492 if (IS_ERR(eb)) {
2493 ret = PTR_ERR(eb);
2494 goto out;
2495 }
2496
2497 dst_path->nodes[cur_level] = eb;
2498 dst_path->slots[cur_level] = 0;
2499
2500 btrfs_tree_read_lock(eb);
2501 dst_path->locks[cur_level] = BTRFS_READ_LOCK;
2502 need_cleanup = true;
2503 }
2504
2505 /* Now record this tree block and its counter part for qgroups */
2506 ret = qgroup_trace_extent_swap(trans, src_eb, dst_path, cur_level,
2507 root_level, trace_leaf);
2508 if (ret < 0)
2509 goto cleanup;
2510
2511 eb = dst_path->nodes[cur_level];
2512
2513 if (cur_level > 0) {
2514 /* Iterate all child tree blocks */
2515 for (i = 0; i < btrfs_header_nritems(eb); i++) {
2516 /* Skip old tree blocks as they won't be swapped */
2517 if (btrfs_node_ptr_generation(eb, i) < last_snapshot)
2518 continue;
2519 dst_path->slots[cur_level] = i;
2520
2521 /* Recursive call (at most 7 times) */
2522 ret = qgroup_trace_new_subtree_blocks(trans, src_eb,
2523 dst_path, cur_level - 1, root_level,
2524 last_snapshot, trace_leaf);
2525 if (ret < 0)
2526 goto cleanup;
2527 }
2528 }
2529
2530cleanup:
2531 if (need_cleanup) {
2532 /* Clean up */
2533 btrfs_tree_unlock_rw(dst_path->nodes[cur_level],
2534 dst_path->locks[cur_level]);
2535 free_extent_buffer(dst_path->nodes[cur_level]);
2536 dst_path->nodes[cur_level] = NULL;
2537 dst_path->slots[cur_level] = 0;
2538 dst_path->locks[cur_level] = 0;
2539 }
2540out:
2541 return ret;
2542}
2543
2544static int qgroup_trace_subtree_swap(struct btrfs_trans_handle *trans,
2545 struct extent_buffer *src_eb,
2546 struct extent_buffer *dst_eb,
2547 u64 last_snapshot, bool trace_leaf)
2548{
2549 struct btrfs_fs_info *fs_info = trans->fs_info;
2550 struct btrfs_path *dst_path = NULL;
2551 int level;
2552 int ret;
2553
2554 if (!btrfs_qgroup_full_accounting(fs_info))
2555 return 0;
2556
2557 /* Wrong parameter order */
2558 if (btrfs_header_generation(src_eb) > btrfs_header_generation(dst_eb)) {
2559 btrfs_err_rl(fs_info,
2560 "%s: bad parameter order, src_gen=%llu dst_gen=%llu", __func__,
2561 btrfs_header_generation(src_eb),
2562 btrfs_header_generation(dst_eb));
2563 return -EUCLEAN;
2564 }
2565
2566 if (!extent_buffer_uptodate(src_eb) || !extent_buffer_uptodate(dst_eb)) {
2567 ret = -EIO;
2568 goto out;
2569 }
2570
2571 level = btrfs_header_level(dst_eb);
2572 dst_path = btrfs_alloc_path();
2573 if (!dst_path) {
2574 ret = -ENOMEM;
2575 goto out;
2576 }
2577 /* For dst_path */
2578 atomic_inc(&dst_eb->refs);
2579 dst_path->nodes[level] = dst_eb;
2580 dst_path->slots[level] = 0;
2581 dst_path->locks[level] = 0;
2582
2583 /* Do the generation aware breadth-first search */
2584 ret = qgroup_trace_new_subtree_blocks(trans, src_eb, dst_path, level,
2585 level, last_snapshot, trace_leaf);
2586 if (ret < 0)
2587 goto out;
2588 ret = 0;
2589
2590out:
2591 btrfs_free_path(dst_path);
2592 if (ret < 0)
2593 qgroup_mark_inconsistent(fs_info);
2594 return ret;
2595}
2596
2597/*
2598 * Inform qgroup to trace a whole subtree, including all its child tree
2599 * blocks and data.
2600 * The root tree block is specified by @root_eb.
2601 *
2602 * Normally used by relocation(tree block swap) and subvolume deletion.
2603 *
2604 * Return 0 for success
2605 * Return <0 for error(ENOMEM or tree search error)
2606 */
2607int btrfs_qgroup_trace_subtree(struct btrfs_trans_handle *trans,
2608 struct extent_buffer *root_eb,
2609 u64 root_gen, int root_level)
2610{
2611 struct btrfs_fs_info *fs_info = trans->fs_info;
2612 int ret = 0;
2613 int level;
2614 u8 drop_subptree_thres;
2615 struct extent_buffer *eb = root_eb;
2616 struct btrfs_path *path = NULL;
2617
2618 ASSERT(0 <= root_level && root_level < BTRFS_MAX_LEVEL);
2619 ASSERT(root_eb != NULL);
2620
2621 if (!btrfs_qgroup_full_accounting(fs_info))
2622 return 0;
2623
2624 spin_lock(&fs_info->qgroup_lock);
2625 drop_subptree_thres = fs_info->qgroup_drop_subtree_thres;
2626 spin_unlock(&fs_info->qgroup_lock);
2627
2628 /*
2629 * This function only gets called for snapshot drop, if we hit a high
2630 * node here, it means we are going to change ownership for quite a lot
2631 * of extents, which will greatly slow down btrfs_commit_transaction().
2632 *
2633 * So here if we find a high tree here, we just skip the accounting and
2634 * mark qgroup inconsistent.
2635 */
2636 if (root_level >= drop_subptree_thres) {
2637 qgroup_mark_inconsistent(fs_info);
2638 return 0;
2639 }
2640
2641 if (!extent_buffer_uptodate(root_eb)) {
2642 struct btrfs_tree_parent_check check = {
2643 .transid = root_gen,
2644 .level = root_level
2645 };
2646
2647 ret = btrfs_read_extent_buffer(root_eb, &check);
2648 if (ret)
2649 goto out;
2650 }
2651
2652 if (root_level == 0) {
2653 ret = btrfs_qgroup_trace_leaf_items(trans, root_eb);
2654 goto out;
2655 }
2656
2657 path = btrfs_alloc_path();
2658 if (!path)
2659 return -ENOMEM;
2660
2661 /*
2662 * Walk down the tree. Missing extent blocks are filled in as
2663 * we go. Metadata is accounted every time we read a new
2664 * extent block.
2665 *
2666 * When we reach a leaf, we account for file extent items in it,
2667 * walk back up the tree (adjusting slot pointers as we go)
2668 * and restart the search process.
2669 */
2670 atomic_inc(&root_eb->refs); /* For path */
2671 path->nodes[root_level] = root_eb;
2672 path->slots[root_level] = 0;
2673 path->locks[root_level] = 0; /* so release_path doesn't try to unlock */
2674walk_down:
2675 level = root_level;
2676 while (level >= 0) {
2677 if (path->nodes[level] == NULL) {
2678 int parent_slot;
2679 u64 child_bytenr;
2680
2681 /*
2682 * We need to get child blockptr from parent before we
2683 * can read it.
2684 */
2685 eb = path->nodes[level + 1];
2686 parent_slot = path->slots[level + 1];
2687 child_bytenr = btrfs_node_blockptr(eb, parent_slot);
2688
2689 eb = btrfs_read_node_slot(eb, parent_slot);
2690 if (IS_ERR(eb)) {
2691 ret = PTR_ERR(eb);
2692 goto out;
2693 }
2694
2695 path->nodes[level] = eb;
2696 path->slots[level] = 0;
2697
2698 btrfs_tree_read_lock(eb);
2699 path->locks[level] = BTRFS_READ_LOCK;
2700
2701 ret = btrfs_qgroup_trace_extent(trans, child_bytenr,
2702 fs_info->nodesize);
2703 if (ret)
2704 goto out;
2705 }
2706
2707 if (level == 0) {
2708 ret = btrfs_qgroup_trace_leaf_items(trans,
2709 path->nodes[level]);
2710 if (ret)
2711 goto out;
2712
2713 /* Nonzero return here means we completed our search */
2714 ret = adjust_slots_upwards(path, root_level);
2715 if (ret)
2716 break;
2717
2718 /* Restart search with new slots */
2719 goto walk_down;
2720 }
2721
2722 level--;
2723 }
2724
2725 ret = 0;
2726out:
2727 btrfs_free_path(path);
2728
2729 return ret;
2730}
2731
2732static void qgroup_iterator_nested_add(struct list_head *head, struct btrfs_qgroup *qgroup)
2733{
2734 if (!list_empty(&qgroup->nested_iterator))
2735 return;
2736
2737 list_add_tail(&qgroup->nested_iterator, head);
2738}
2739
2740static void qgroup_iterator_nested_clean(struct list_head *head)
2741{
2742 while (!list_empty(head)) {
2743 struct btrfs_qgroup *qgroup;
2744
2745 qgroup = list_first_entry(head, struct btrfs_qgroup, nested_iterator);
2746 list_del_init(&qgroup->nested_iterator);
2747 }
2748}
2749
2750#define UPDATE_NEW 0
2751#define UPDATE_OLD 1
2752/*
2753 * Walk all of the roots that points to the bytenr and adjust their refcnts.
2754 */
2755static void qgroup_update_refcnt(struct btrfs_fs_info *fs_info,
2756 struct ulist *roots, struct list_head *qgroups,
2757 u64 seq, int update_old)
2758{
2759 struct ulist_node *unode;
2760 struct ulist_iterator uiter;
2761 struct btrfs_qgroup *qg;
2762
2763 if (!roots)
2764 return;
2765 ULIST_ITER_INIT(&uiter);
2766 while ((unode = ulist_next(roots, &uiter))) {
2767 LIST_HEAD(tmp);
2768
2769 qg = find_qgroup_rb(fs_info, unode->val);
2770 if (!qg)
2771 continue;
2772
2773 qgroup_iterator_nested_add(qgroups, qg);
2774 qgroup_iterator_add(&tmp, qg);
2775 list_for_each_entry(qg, &tmp, iterator) {
2776 struct btrfs_qgroup_list *glist;
2777
2778 if (update_old)
2779 btrfs_qgroup_update_old_refcnt(qg, seq, 1);
2780 else
2781 btrfs_qgroup_update_new_refcnt(qg, seq, 1);
2782
2783 list_for_each_entry(glist, &qg->groups, next_group) {
2784 qgroup_iterator_nested_add(qgroups, glist->group);
2785 qgroup_iterator_add(&tmp, glist->group);
2786 }
2787 }
2788 qgroup_iterator_clean(&tmp);
2789 }
2790}
2791
2792/*
2793 * Update qgroup rfer/excl counters.
2794 * Rfer update is easy, codes can explain themselves.
2795 *
2796 * Excl update is tricky, the update is split into 2 parts.
2797 * Part 1: Possible exclusive <-> sharing detect:
2798 * | A | !A |
2799 * -------------------------------------
2800 * B | * | - |
2801 * -------------------------------------
2802 * !B | + | ** |
2803 * -------------------------------------
2804 *
2805 * Conditions:
2806 * A: cur_old_roots < nr_old_roots (not exclusive before)
2807 * !A: cur_old_roots == nr_old_roots (possible exclusive before)
2808 * B: cur_new_roots < nr_new_roots (not exclusive now)
2809 * !B: cur_new_roots == nr_new_roots (possible exclusive now)
2810 *
2811 * Results:
2812 * +: Possible sharing -> exclusive -: Possible exclusive -> sharing
2813 * *: Definitely not changed. **: Possible unchanged.
2814 *
2815 * For !A and !B condition, the exception is cur_old/new_roots == 0 case.
2816 *
2817 * To make the logic clear, we first use condition A and B to split
2818 * combination into 4 results.
2819 *
2820 * Then, for result "+" and "-", check old/new_roots == 0 case, as in them
2821 * only on variant maybe 0.
2822 *
2823 * Lastly, check result **, since there are 2 variants maybe 0, split them
2824 * again(2x2).
2825 * But this time we don't need to consider other things, the codes and logic
2826 * is easy to understand now.
2827 */
2828static void qgroup_update_counters(struct btrfs_fs_info *fs_info,
2829 struct list_head *qgroups, u64 nr_old_roots,
2830 u64 nr_new_roots, u64 num_bytes, u64 seq)
2831{
2832 struct btrfs_qgroup *qg;
2833
2834 list_for_each_entry(qg, qgroups, nested_iterator) {
2835 u64 cur_new_count, cur_old_count;
2836 bool dirty = false;
2837
2838 cur_old_count = btrfs_qgroup_get_old_refcnt(qg, seq);
2839 cur_new_count = btrfs_qgroup_get_new_refcnt(qg, seq);
2840
2841 trace_qgroup_update_counters(fs_info, qg, cur_old_count,
2842 cur_new_count);
2843
2844 /* Rfer update part */
2845 if (cur_old_count == 0 && cur_new_count > 0) {
2846 qg->rfer += num_bytes;
2847 qg->rfer_cmpr += num_bytes;
2848 dirty = true;
2849 }
2850 if (cur_old_count > 0 && cur_new_count == 0) {
2851 qg->rfer -= num_bytes;
2852 qg->rfer_cmpr -= num_bytes;
2853 dirty = true;
2854 }
2855
2856 /* Excl update part */
2857 /* Exclusive/none -> shared case */
2858 if (cur_old_count == nr_old_roots &&
2859 cur_new_count < nr_new_roots) {
2860 /* Exclusive -> shared */
2861 if (cur_old_count != 0) {
2862 qg->excl -= num_bytes;
2863 qg->excl_cmpr -= num_bytes;
2864 dirty = true;
2865 }
2866 }
2867
2868 /* Shared -> exclusive/none case */
2869 if (cur_old_count < nr_old_roots &&
2870 cur_new_count == nr_new_roots) {
2871 /* Shared->exclusive */
2872 if (cur_new_count != 0) {
2873 qg->excl += num_bytes;
2874 qg->excl_cmpr += num_bytes;
2875 dirty = true;
2876 }
2877 }
2878
2879 /* Exclusive/none -> exclusive/none case */
2880 if (cur_old_count == nr_old_roots &&
2881 cur_new_count == nr_new_roots) {
2882 if (cur_old_count == 0) {
2883 /* None -> exclusive/none */
2884
2885 if (cur_new_count != 0) {
2886 /* None -> exclusive */
2887 qg->excl += num_bytes;
2888 qg->excl_cmpr += num_bytes;
2889 dirty = true;
2890 }
2891 /* None -> none, nothing changed */
2892 } else {
2893 /* Exclusive -> exclusive/none */
2894
2895 if (cur_new_count == 0) {
2896 /* Exclusive -> none */
2897 qg->excl -= num_bytes;
2898 qg->excl_cmpr -= num_bytes;
2899 dirty = true;
2900 }
2901 /* Exclusive -> exclusive, nothing changed */
2902 }
2903 }
2904
2905 if (dirty)
2906 qgroup_dirty(fs_info, qg);
2907 }
2908}
2909
2910/*
2911 * Check if the @roots potentially is a list of fs tree roots
2912 *
2913 * Return 0 for definitely not a fs/subvol tree roots ulist
2914 * Return 1 for possible fs/subvol tree roots in the list (considering an empty
2915 * one as well)
2916 */
2917static int maybe_fs_roots(struct ulist *roots)
2918{
2919 struct ulist_node *unode;
2920 struct ulist_iterator uiter;
2921
2922 /* Empty one, still possible for fs roots */
2923 if (!roots || roots->nnodes == 0)
2924 return 1;
2925
2926 ULIST_ITER_INIT(&uiter);
2927 unode = ulist_next(roots, &uiter);
2928 if (!unode)
2929 return 1;
2930
2931 /*
2932 * If it contains fs tree roots, then it must belong to fs/subvol
2933 * trees.
2934 * If it contains a non-fs tree, it won't be shared with fs/subvol trees.
2935 */
2936 return is_fstree(unode->val);
2937}
2938
2939int btrfs_qgroup_account_extent(struct btrfs_trans_handle *trans, u64 bytenr,
2940 u64 num_bytes, struct ulist *old_roots,
2941 struct ulist *new_roots)
2942{
2943 struct btrfs_fs_info *fs_info = trans->fs_info;
2944 LIST_HEAD(qgroups);
2945 u64 seq;
2946 u64 nr_new_roots = 0;
2947 u64 nr_old_roots = 0;
2948 int ret = 0;
2949
2950 /*
2951 * If quotas get disabled meanwhile, the resources need to be freed and
2952 * we can't just exit here.
2953 */
2954 if (!btrfs_qgroup_full_accounting(fs_info) ||
2955 fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING)
2956 goto out_free;
2957
2958 if (new_roots) {
2959 if (!maybe_fs_roots(new_roots))
2960 goto out_free;
2961 nr_new_roots = new_roots->nnodes;
2962 }
2963 if (old_roots) {
2964 if (!maybe_fs_roots(old_roots))
2965 goto out_free;
2966 nr_old_roots = old_roots->nnodes;
2967 }
2968
2969 /* Quick exit, either not fs tree roots, or won't affect any qgroup */
2970 if (nr_old_roots == 0 && nr_new_roots == 0)
2971 goto out_free;
2972
2973 trace_btrfs_qgroup_account_extent(fs_info, trans->transid, bytenr,
2974 num_bytes, nr_old_roots, nr_new_roots);
2975
2976 mutex_lock(&fs_info->qgroup_rescan_lock);
2977 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN) {
2978 if (fs_info->qgroup_rescan_progress.objectid <= bytenr) {
2979 mutex_unlock(&fs_info->qgroup_rescan_lock);
2980 ret = 0;
2981 goto out_free;
2982 }
2983 }
2984 mutex_unlock(&fs_info->qgroup_rescan_lock);
2985
2986 spin_lock(&fs_info->qgroup_lock);
2987 seq = fs_info->qgroup_seq;
2988
2989 /* Update old refcnts using old_roots */
2990 qgroup_update_refcnt(fs_info, old_roots, &qgroups, seq, UPDATE_OLD);
2991
2992 /* Update new refcnts using new_roots */
2993 qgroup_update_refcnt(fs_info, new_roots, &qgroups, seq, UPDATE_NEW);
2994
2995 qgroup_update_counters(fs_info, &qgroups, nr_old_roots, nr_new_roots,
2996 num_bytes, seq);
2997
2998 /*
2999 * We're done using the iterator, release all its qgroups while holding
3000 * fs_info->qgroup_lock so that we don't race with btrfs_remove_qgroup()
3001 * and trigger use-after-free accesses to qgroups.
3002 */
3003 qgroup_iterator_nested_clean(&qgroups);
3004
3005 /*
3006 * Bump qgroup_seq to avoid seq overlap
3007 */
3008 fs_info->qgroup_seq += max(nr_old_roots, nr_new_roots) + 1;
3009 spin_unlock(&fs_info->qgroup_lock);
3010out_free:
3011 ulist_free(old_roots);
3012 ulist_free(new_roots);
3013 return ret;
3014}
3015
3016int btrfs_qgroup_account_extents(struct btrfs_trans_handle *trans)
3017{
3018 struct btrfs_fs_info *fs_info = trans->fs_info;
3019 struct btrfs_qgroup_extent_record *record;
3020 struct btrfs_delayed_ref_root *delayed_refs;
3021 struct ulist *new_roots = NULL;
3022 unsigned long index;
3023 u64 num_dirty_extents = 0;
3024 u64 qgroup_to_skip;
3025 int ret = 0;
3026
3027 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE)
3028 return 0;
3029
3030 delayed_refs = &trans->transaction->delayed_refs;
3031 qgroup_to_skip = delayed_refs->qgroup_to_skip;
3032 xa_for_each(&delayed_refs->dirty_extents, index, record) {
3033 const u64 bytenr = (((u64)index) << fs_info->sectorsize_bits);
3034
3035 num_dirty_extents++;
3036 trace_btrfs_qgroup_account_extents(fs_info, record, bytenr);
3037
3038 if (!ret && !(fs_info->qgroup_flags &
3039 BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING)) {
3040 struct btrfs_backref_walk_ctx ctx = { 0 };
3041
3042 ctx.bytenr = bytenr;
3043 ctx.fs_info = fs_info;
3044
3045 /*
3046 * Old roots should be searched when inserting qgroup
3047 * extent record.
3048 *
3049 * But for INCONSISTENT (NO_ACCOUNTING) -> rescan case,
3050 * we may have some record inserted during
3051 * NO_ACCOUNTING (thus no old_roots populated), but
3052 * later we start rescan, which clears NO_ACCOUNTING,
3053 * leaving some inserted records without old_roots
3054 * populated.
3055 *
3056 * Those cases are rare and should not cause too much
3057 * time spent during commit_transaction().
3058 */
3059 if (!record->old_roots) {
3060 /* Search commit root to find old_roots */
3061 ret = btrfs_find_all_roots(&ctx, false);
3062 if (ret < 0)
3063 goto cleanup;
3064 record->old_roots = ctx.roots;
3065 ctx.roots = NULL;
3066 }
3067
3068 /*
3069 * Use BTRFS_SEQ_LAST as time_seq to do special search,
3070 * which doesn't lock tree or delayed_refs and search
3071 * current root. It's safe inside commit_transaction().
3072 */
3073 ctx.trans = trans;
3074 ctx.time_seq = BTRFS_SEQ_LAST;
3075 ret = btrfs_find_all_roots(&ctx, false);
3076 if (ret < 0)
3077 goto cleanup;
3078 new_roots = ctx.roots;
3079 if (qgroup_to_skip) {
3080 ulist_del(new_roots, qgroup_to_skip, 0);
3081 ulist_del(record->old_roots, qgroup_to_skip,
3082 0);
3083 }
3084 ret = btrfs_qgroup_account_extent(trans, bytenr,
3085 record->num_bytes,
3086 record->old_roots,
3087 new_roots);
3088 record->old_roots = NULL;
3089 new_roots = NULL;
3090 }
3091 /* Free the reserved data space */
3092 btrfs_qgroup_free_refroot(fs_info,
3093 record->data_rsv_refroot,
3094 record->data_rsv,
3095 BTRFS_QGROUP_RSV_DATA);
3096cleanup:
3097 ulist_free(record->old_roots);
3098 ulist_free(new_roots);
3099 new_roots = NULL;
3100 xa_erase(&delayed_refs->dirty_extents, index);
3101 kfree(record);
3102
3103 }
3104 trace_qgroup_num_dirty_extents(fs_info, trans->transid,
3105 num_dirty_extents);
3106 return ret;
3107}
3108
3109/*
3110 * Writes all changed qgroups to disk.
3111 * Called by the transaction commit path and the qgroup assign ioctl.
3112 */
3113int btrfs_run_qgroups(struct btrfs_trans_handle *trans)
3114{
3115 struct btrfs_fs_info *fs_info = trans->fs_info;
3116 int ret = 0;
3117
3118 /*
3119 * In case we are called from the qgroup assign ioctl, assert that we
3120 * are holding the qgroup_ioctl_lock, otherwise we can race with a quota
3121 * disable operation (ioctl) and access a freed quota root.
3122 */
3123 if (trans->transaction->state != TRANS_STATE_COMMIT_DOING)
3124 lockdep_assert_held(&fs_info->qgroup_ioctl_lock);
3125
3126 if (!fs_info->quota_root)
3127 return ret;
3128
3129 spin_lock(&fs_info->qgroup_lock);
3130 while (!list_empty(&fs_info->dirty_qgroups)) {
3131 struct btrfs_qgroup *qgroup;
3132 qgroup = list_first_entry(&fs_info->dirty_qgroups,
3133 struct btrfs_qgroup, dirty);
3134 list_del_init(&qgroup->dirty);
3135 spin_unlock(&fs_info->qgroup_lock);
3136 ret = update_qgroup_info_item(trans, qgroup);
3137 if (ret)
3138 qgroup_mark_inconsistent(fs_info);
3139 ret = update_qgroup_limit_item(trans, qgroup);
3140 if (ret)
3141 qgroup_mark_inconsistent(fs_info);
3142 spin_lock(&fs_info->qgroup_lock);
3143 }
3144 if (btrfs_qgroup_enabled(fs_info))
3145 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_ON;
3146 else
3147 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_ON;
3148 spin_unlock(&fs_info->qgroup_lock);
3149
3150 ret = update_qgroup_status_item(trans);
3151 if (ret)
3152 qgroup_mark_inconsistent(fs_info);
3153
3154 return ret;
3155}
3156
3157int btrfs_qgroup_check_inherit(struct btrfs_fs_info *fs_info,
3158 struct btrfs_qgroup_inherit *inherit,
3159 size_t size)
3160{
3161 if (inherit->flags & ~BTRFS_QGROUP_INHERIT_FLAGS_SUPP)
3162 return -EOPNOTSUPP;
3163 if (size < sizeof(*inherit) || size > PAGE_SIZE)
3164 return -EINVAL;
3165
3166 /*
3167 * In the past we allowed btrfs_qgroup_inherit to specify to copy
3168 * rfer/excl numbers directly from other qgroups. This behavior has
3169 * been disabled in userspace for a very long time, but here we should
3170 * also disable it in kernel, as this behavior is known to mark qgroup
3171 * inconsistent, and a rescan would wipe out the changes anyway.
3172 *
3173 * Reject any btrfs_qgroup_inherit with num_ref_copies or num_excl_copies.
3174 */
3175 if (inherit->num_ref_copies > 0 || inherit->num_excl_copies > 0)
3176 return -EINVAL;
3177
3178 if (size != struct_size(inherit, qgroups, inherit->num_qgroups))
3179 return -EINVAL;
3180
3181 /*
3182 * Skip the inherit source qgroups check if qgroup is not enabled.
3183 * Qgroup can still be later enabled causing problems, but in that case
3184 * btrfs_qgroup_inherit() would just ignore those invalid ones.
3185 */
3186 if (!btrfs_qgroup_enabled(fs_info))
3187 return 0;
3188
3189 /*
3190 * Now check all the remaining qgroups, they should all:
3191 *
3192 * - Exist
3193 * - Be higher level qgroups.
3194 */
3195 for (int i = 0; i < inherit->num_qgroups; i++) {
3196 struct btrfs_qgroup *qgroup;
3197 u64 qgroupid = inherit->qgroups[i];
3198
3199 if (btrfs_qgroup_level(qgroupid) == 0)
3200 return -EINVAL;
3201
3202 spin_lock(&fs_info->qgroup_lock);
3203 qgroup = find_qgroup_rb(fs_info, qgroupid);
3204 if (!qgroup) {
3205 spin_unlock(&fs_info->qgroup_lock);
3206 return -ENOENT;
3207 }
3208 spin_unlock(&fs_info->qgroup_lock);
3209 }
3210 return 0;
3211}
3212
3213static int qgroup_auto_inherit(struct btrfs_fs_info *fs_info,
3214 u64 inode_rootid,
3215 struct btrfs_qgroup_inherit **inherit)
3216{
3217 int i = 0;
3218 u64 num_qgroups = 0;
3219 struct btrfs_qgroup *inode_qg;
3220 struct btrfs_qgroup_list *qg_list;
3221 struct btrfs_qgroup_inherit *res;
3222 size_t struct_sz;
3223 u64 *qgids;
3224
3225 if (*inherit)
3226 return -EEXIST;
3227
3228 inode_qg = find_qgroup_rb(fs_info, inode_rootid);
3229 if (!inode_qg)
3230 return -ENOENT;
3231
3232 num_qgroups = list_count_nodes(&inode_qg->groups);
3233
3234 if (!num_qgroups)
3235 return 0;
3236
3237 struct_sz = struct_size(res, qgroups, num_qgroups);
3238 if (struct_sz == SIZE_MAX)
3239 return -ERANGE;
3240
3241 res = kzalloc(struct_sz, GFP_NOFS);
3242 if (!res)
3243 return -ENOMEM;
3244 res->num_qgroups = num_qgroups;
3245 qgids = res->qgroups;
3246
3247 list_for_each_entry(qg_list, &inode_qg->groups, next_group)
3248 qgids[i++] = qg_list->group->qgroupid;
3249
3250 *inherit = res;
3251 return 0;
3252}
3253
3254/*
3255 * Check if we can skip rescan when inheriting qgroups. If @src has a single
3256 * @parent, and that @parent is owning all its bytes exclusively, we can skip
3257 * the full rescan, by just adding nodesize to the @parent's excl/rfer.
3258 *
3259 * Return <0 for fatal errors (like srcid/parentid has no qgroup).
3260 * Return 0 if a quick inherit is done.
3261 * Return >0 if a quick inherit is not possible, and a full rescan is needed.
3262 */
3263static int qgroup_snapshot_quick_inherit(struct btrfs_fs_info *fs_info,
3264 u64 srcid, u64 parentid)
3265{
3266 struct btrfs_qgroup *src;
3267 struct btrfs_qgroup *parent;
3268 struct btrfs_qgroup_list *list;
3269 int nr_parents = 0;
3270
3271 src = find_qgroup_rb(fs_info, srcid);
3272 if (!src)
3273 return -ENOENT;
3274 parent = find_qgroup_rb(fs_info, parentid);
3275 if (!parent)
3276 return -ENOENT;
3277
3278 /*
3279 * Source has no parent qgroup, but our new qgroup would have one.
3280 * Qgroup numbers would become inconsistent.
3281 */
3282 if (list_empty(&src->groups))
3283 return 1;
3284
3285 list_for_each_entry(list, &src->groups, next_group) {
3286 /* The parent is not the same, quick update is not possible. */
3287 if (list->group->qgroupid != parentid)
3288 return 1;
3289 nr_parents++;
3290 /*
3291 * More than one parent qgroup, we can't be sure about accounting
3292 * consistency.
3293 */
3294 if (nr_parents > 1)
3295 return 1;
3296 }
3297
3298 /*
3299 * The parent is not exclusively owning all its bytes. We're not sure
3300 * if the source has any bytes not fully owned by the parent.
3301 */
3302 if (parent->excl != parent->rfer)
3303 return 1;
3304
3305 parent->excl += fs_info->nodesize;
3306 parent->rfer += fs_info->nodesize;
3307 return 0;
3308}
3309
3310/*
3311 * Copy the accounting information between qgroups. This is necessary
3312 * when a snapshot or a subvolume is created. Throwing an error will
3313 * cause a transaction abort so we take extra care here to only error
3314 * when a readonly fs is a reasonable outcome.
3315 */
3316int btrfs_qgroup_inherit(struct btrfs_trans_handle *trans, u64 srcid,
3317 u64 objectid, u64 inode_rootid,
3318 struct btrfs_qgroup_inherit *inherit)
3319{
3320 int ret = 0;
3321 u64 *i_qgroups;
3322 bool committing = false;
3323 struct btrfs_fs_info *fs_info = trans->fs_info;
3324 struct btrfs_root *quota_root;
3325 struct btrfs_qgroup *srcgroup;
3326 struct btrfs_qgroup *dstgroup;
3327 struct btrfs_qgroup *prealloc;
3328 struct btrfs_qgroup_list **qlist_prealloc = NULL;
3329 bool free_inherit = false;
3330 bool need_rescan = false;
3331 u32 level_size = 0;
3332 u64 nums;
3333
3334 prealloc = kzalloc(sizeof(*prealloc), GFP_NOFS);
3335 if (!prealloc)
3336 return -ENOMEM;
3337
3338 /*
3339 * There are only two callers of this function.
3340 *
3341 * One in create_subvol() in the ioctl context, which needs to hold
3342 * the qgroup_ioctl_lock.
3343 *
3344 * The other one in create_pending_snapshot() where no other qgroup
3345 * code can modify the fs as they all need to either start a new trans
3346 * or hold a trans handler, thus we don't need to hold
3347 * qgroup_ioctl_lock.
3348 * This would avoid long and complex lock chain and make lockdep happy.
3349 */
3350 spin_lock(&fs_info->trans_lock);
3351 if (trans->transaction->state == TRANS_STATE_COMMIT_DOING)
3352 committing = true;
3353 spin_unlock(&fs_info->trans_lock);
3354
3355 if (!committing)
3356 mutex_lock(&fs_info->qgroup_ioctl_lock);
3357 if (!btrfs_qgroup_enabled(fs_info))
3358 goto out;
3359
3360 quota_root = fs_info->quota_root;
3361 if (!quota_root) {
3362 ret = -EINVAL;
3363 goto out;
3364 }
3365
3366 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE && !inherit) {
3367 ret = qgroup_auto_inherit(fs_info, inode_rootid, &inherit);
3368 if (ret)
3369 goto out;
3370 free_inherit = true;
3371 }
3372
3373 if (inherit) {
3374 i_qgroups = (u64 *)(inherit + 1);
3375 nums = inherit->num_qgroups + 2 * inherit->num_ref_copies +
3376 2 * inherit->num_excl_copies;
3377 for (int i = 0; i < nums; i++) {
3378 srcgroup = find_qgroup_rb(fs_info, *i_qgroups);
3379
3380 /*
3381 * Zero out invalid groups so we can ignore
3382 * them later.
3383 */
3384 if (!srcgroup ||
3385 ((srcgroup->qgroupid >> 48) <= (objectid >> 48)))
3386 *i_qgroups = 0ULL;
3387
3388 ++i_qgroups;
3389 }
3390 }
3391
3392 /*
3393 * create a tracking group for the subvol itself
3394 */
3395 ret = add_qgroup_item(trans, quota_root, objectid);
3396 if (ret)
3397 goto out;
3398
3399 /*
3400 * add qgroup to all inherited groups
3401 */
3402 if (inherit) {
3403 i_qgroups = (u64 *)(inherit + 1);
3404 for (int i = 0; i < inherit->num_qgroups; i++, i_qgroups++) {
3405 if (*i_qgroups == 0)
3406 continue;
3407 ret = add_qgroup_relation_item(trans, objectid,
3408 *i_qgroups);
3409 if (ret && ret != -EEXIST)
3410 goto out;
3411 ret = add_qgroup_relation_item(trans, *i_qgroups,
3412 objectid);
3413 if (ret && ret != -EEXIST)
3414 goto out;
3415 }
3416 ret = 0;
3417
3418 qlist_prealloc = kcalloc(inherit->num_qgroups,
3419 sizeof(struct btrfs_qgroup_list *),
3420 GFP_NOFS);
3421 if (!qlist_prealloc) {
3422 ret = -ENOMEM;
3423 goto out;
3424 }
3425 for (int i = 0; i < inherit->num_qgroups; i++) {
3426 qlist_prealloc[i] = kzalloc(sizeof(struct btrfs_qgroup_list),
3427 GFP_NOFS);
3428 if (!qlist_prealloc[i]) {
3429 ret = -ENOMEM;
3430 goto out;
3431 }
3432 }
3433 }
3434
3435 spin_lock(&fs_info->qgroup_lock);
3436
3437 dstgroup = add_qgroup_rb(fs_info, prealloc, objectid);
3438 prealloc = NULL;
3439
3440 if (inherit && inherit->flags & BTRFS_QGROUP_INHERIT_SET_LIMITS) {
3441 dstgroup->lim_flags = inherit->lim.flags;
3442 dstgroup->max_rfer = inherit->lim.max_rfer;
3443 dstgroup->max_excl = inherit->lim.max_excl;
3444 dstgroup->rsv_rfer = inherit->lim.rsv_rfer;
3445 dstgroup->rsv_excl = inherit->lim.rsv_excl;
3446
3447 qgroup_dirty(fs_info, dstgroup);
3448 }
3449
3450 if (srcid && btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_FULL) {
3451 srcgroup = find_qgroup_rb(fs_info, srcid);
3452 if (!srcgroup)
3453 goto unlock;
3454
3455 /*
3456 * We call inherit after we clone the root in order to make sure
3457 * our counts don't go crazy, so at this point the only
3458 * difference between the two roots should be the root node.
3459 */
3460 level_size = fs_info->nodesize;
3461 dstgroup->rfer = srcgroup->rfer;
3462 dstgroup->rfer_cmpr = srcgroup->rfer_cmpr;
3463 dstgroup->excl = level_size;
3464 dstgroup->excl_cmpr = level_size;
3465 srcgroup->excl = level_size;
3466 srcgroup->excl_cmpr = level_size;
3467
3468 /* inherit the limit info */
3469 dstgroup->lim_flags = srcgroup->lim_flags;
3470 dstgroup->max_rfer = srcgroup->max_rfer;
3471 dstgroup->max_excl = srcgroup->max_excl;
3472 dstgroup->rsv_rfer = srcgroup->rsv_rfer;
3473 dstgroup->rsv_excl = srcgroup->rsv_excl;
3474
3475 qgroup_dirty(fs_info, dstgroup);
3476 qgroup_dirty(fs_info, srcgroup);
3477
3478 /*
3479 * If the source qgroup has parent but the new one doesn't,
3480 * we need a full rescan.
3481 */
3482 if (!inherit && !list_empty(&srcgroup->groups))
3483 need_rescan = true;
3484 }
3485
3486 if (!inherit)
3487 goto unlock;
3488
3489 i_qgroups = (u64 *)(inherit + 1);
3490 for (int i = 0; i < inherit->num_qgroups; i++) {
3491 if (*i_qgroups) {
3492 ret = add_relation_rb(fs_info, qlist_prealloc[i], objectid,
3493 *i_qgroups);
3494 qlist_prealloc[i] = NULL;
3495 if (ret)
3496 goto unlock;
3497 }
3498 if (srcid) {
3499 /* Check if we can do a quick inherit. */
3500 ret = qgroup_snapshot_quick_inherit(fs_info, srcid, *i_qgroups);
3501 if (ret < 0)
3502 goto unlock;
3503 if (ret > 0)
3504 need_rescan = true;
3505 ret = 0;
3506 }
3507 ++i_qgroups;
3508 }
3509
3510 for (int i = 0; i < inherit->num_ref_copies; i++, i_qgroups += 2) {
3511 struct btrfs_qgroup *src;
3512 struct btrfs_qgroup *dst;
3513
3514 if (!i_qgroups[0] || !i_qgroups[1])
3515 continue;
3516
3517 src = find_qgroup_rb(fs_info, i_qgroups[0]);
3518 dst = find_qgroup_rb(fs_info, i_qgroups[1]);
3519
3520 if (!src || !dst) {
3521 ret = -EINVAL;
3522 goto unlock;
3523 }
3524
3525 dst->rfer = src->rfer - level_size;
3526 dst->rfer_cmpr = src->rfer_cmpr - level_size;
3527
3528 /* Manually tweaking numbers certainly needs a rescan */
3529 need_rescan = true;
3530 }
3531 for (int i = 0; i < inherit->num_excl_copies; i++, i_qgroups += 2) {
3532 struct btrfs_qgroup *src;
3533 struct btrfs_qgroup *dst;
3534
3535 if (!i_qgroups[0] || !i_qgroups[1])
3536 continue;
3537
3538 src = find_qgroup_rb(fs_info, i_qgroups[0]);
3539 dst = find_qgroup_rb(fs_info, i_qgroups[1]);
3540
3541 if (!src || !dst) {
3542 ret = -EINVAL;
3543 goto unlock;
3544 }
3545
3546 dst->excl = src->excl + level_size;
3547 dst->excl_cmpr = src->excl_cmpr + level_size;
3548 need_rescan = true;
3549 }
3550
3551unlock:
3552 spin_unlock(&fs_info->qgroup_lock);
3553 if (!ret)
3554 ret = btrfs_sysfs_add_one_qgroup(fs_info, dstgroup);
3555out:
3556 if (!committing)
3557 mutex_unlock(&fs_info->qgroup_ioctl_lock);
3558 if (need_rescan)
3559 qgroup_mark_inconsistent(fs_info);
3560 if (qlist_prealloc) {
3561 for (int i = 0; i < inherit->num_qgroups; i++)
3562 kfree(qlist_prealloc[i]);
3563 kfree(qlist_prealloc);
3564 }
3565 if (free_inherit)
3566 kfree(inherit);
3567 kfree(prealloc);
3568 return ret;
3569}
3570
3571static bool qgroup_check_limits(const struct btrfs_qgroup *qg, u64 num_bytes)
3572{
3573 if ((qg->lim_flags & BTRFS_QGROUP_LIMIT_MAX_RFER) &&
3574 qgroup_rsv_total(qg) + (s64)qg->rfer + num_bytes > qg->max_rfer)
3575 return false;
3576
3577 if ((qg->lim_flags & BTRFS_QGROUP_LIMIT_MAX_EXCL) &&
3578 qgroup_rsv_total(qg) + (s64)qg->excl + num_bytes > qg->max_excl)
3579 return false;
3580
3581 return true;
3582}
3583
3584static int qgroup_reserve(struct btrfs_root *root, u64 num_bytes, bool enforce,
3585 enum btrfs_qgroup_rsv_type type)
3586{
3587 struct btrfs_qgroup *qgroup;
3588 struct btrfs_fs_info *fs_info = root->fs_info;
3589 u64 ref_root = btrfs_root_id(root);
3590 int ret = 0;
3591 LIST_HEAD(qgroup_list);
3592
3593 if (!is_fstree(ref_root))
3594 return 0;
3595
3596 if (num_bytes == 0)
3597 return 0;
3598
3599 if (test_bit(BTRFS_FS_QUOTA_OVERRIDE, &fs_info->flags) &&
3600 capable(CAP_SYS_RESOURCE))
3601 enforce = false;
3602
3603 spin_lock(&fs_info->qgroup_lock);
3604 if (!fs_info->quota_root)
3605 goto out;
3606
3607 qgroup = find_qgroup_rb(fs_info, ref_root);
3608 if (!qgroup)
3609 goto out;
3610
3611 qgroup_iterator_add(&qgroup_list, qgroup);
3612 list_for_each_entry(qgroup, &qgroup_list, iterator) {
3613 struct btrfs_qgroup_list *glist;
3614
3615 if (enforce && !qgroup_check_limits(qgroup, num_bytes)) {
3616 ret = -EDQUOT;
3617 goto out;
3618 }
3619
3620 list_for_each_entry(glist, &qgroup->groups, next_group)
3621 qgroup_iterator_add(&qgroup_list, glist->group);
3622 }
3623
3624 ret = 0;
3625 /*
3626 * no limits exceeded, now record the reservation into all qgroups
3627 */
3628 list_for_each_entry(qgroup, &qgroup_list, iterator)
3629 qgroup_rsv_add(fs_info, qgroup, num_bytes, type);
3630
3631out:
3632 qgroup_iterator_clean(&qgroup_list);
3633 spin_unlock(&fs_info->qgroup_lock);
3634 return ret;
3635}
3636
3637/*
3638 * Free @num_bytes of reserved space with @type for qgroup. (Normally level 0
3639 * qgroup).
3640 *
3641 * Will handle all higher level qgroup too.
3642 *
3643 * NOTE: If @num_bytes is (u64)-1, this means to free all bytes of this qgroup.
3644 * This special case is only used for META_PERTRANS type.
3645 */
3646void btrfs_qgroup_free_refroot(struct btrfs_fs_info *fs_info,
3647 u64 ref_root, u64 num_bytes,
3648 enum btrfs_qgroup_rsv_type type)
3649{
3650 struct btrfs_qgroup *qgroup;
3651 LIST_HEAD(qgroup_list);
3652
3653 if (!is_fstree(ref_root))
3654 return;
3655
3656 if (num_bytes == 0)
3657 return;
3658
3659 if (num_bytes == (u64)-1 && type != BTRFS_QGROUP_RSV_META_PERTRANS) {
3660 WARN(1, "%s: Invalid type to free", __func__);
3661 return;
3662 }
3663 spin_lock(&fs_info->qgroup_lock);
3664
3665 if (!fs_info->quota_root)
3666 goto out;
3667
3668 qgroup = find_qgroup_rb(fs_info, ref_root);
3669 if (!qgroup)
3670 goto out;
3671
3672 if (num_bytes == (u64)-1)
3673 /*
3674 * We're freeing all pertrans rsv, get reserved value from
3675 * level 0 qgroup as real num_bytes to free.
3676 */
3677 num_bytes = qgroup->rsv.values[type];
3678
3679 qgroup_iterator_add(&qgroup_list, qgroup);
3680 list_for_each_entry(qgroup, &qgroup_list, iterator) {
3681 struct btrfs_qgroup_list *glist;
3682
3683 qgroup_rsv_release(fs_info, qgroup, num_bytes, type);
3684 list_for_each_entry(glist, &qgroup->groups, next_group) {
3685 qgroup_iterator_add(&qgroup_list, glist->group);
3686 }
3687 }
3688out:
3689 qgroup_iterator_clean(&qgroup_list);
3690 spin_unlock(&fs_info->qgroup_lock);
3691}
3692
3693/*
3694 * Check if the leaf is the last leaf. Which means all node pointers
3695 * are at their last position.
3696 */
3697static bool is_last_leaf(struct btrfs_path *path)
3698{
3699 int i;
3700
3701 for (i = 1; i < BTRFS_MAX_LEVEL && path->nodes[i]; i++) {
3702 if (path->slots[i] != btrfs_header_nritems(path->nodes[i]) - 1)
3703 return false;
3704 }
3705 return true;
3706}
3707
3708/*
3709 * returns < 0 on error, 0 when more leafs are to be scanned.
3710 * returns 1 when done.
3711 */
3712static int qgroup_rescan_leaf(struct btrfs_trans_handle *trans,
3713 struct btrfs_path *path)
3714{
3715 struct btrfs_fs_info *fs_info = trans->fs_info;
3716 struct btrfs_root *extent_root;
3717 struct btrfs_key found;
3718 struct extent_buffer *scratch_leaf = NULL;
3719 u64 num_bytes;
3720 bool done;
3721 int slot;
3722 int ret;
3723
3724 if (!btrfs_qgroup_full_accounting(fs_info))
3725 return 1;
3726
3727 mutex_lock(&fs_info->qgroup_rescan_lock);
3728 extent_root = btrfs_extent_root(fs_info,
3729 fs_info->qgroup_rescan_progress.objectid);
3730 ret = btrfs_search_slot_for_read(extent_root,
3731 &fs_info->qgroup_rescan_progress,
3732 path, 1, 0);
3733
3734 btrfs_debug(fs_info,
3735 "current progress key (%llu %u %llu), search_slot ret %d",
3736 fs_info->qgroup_rescan_progress.objectid,
3737 fs_info->qgroup_rescan_progress.type,
3738 fs_info->qgroup_rescan_progress.offset, ret);
3739
3740 if (ret) {
3741 /*
3742 * The rescan is about to end, we will not be scanning any
3743 * further blocks. We cannot unset the RESCAN flag here, because
3744 * we want to commit the transaction if everything went well.
3745 * To make the live accounting work in this phase, we set our
3746 * scan progress pointer such that every real extent objectid
3747 * will be smaller.
3748 */
3749 fs_info->qgroup_rescan_progress.objectid = (u64)-1;
3750 btrfs_release_path(path);
3751 mutex_unlock(&fs_info->qgroup_rescan_lock);
3752 return ret;
3753 }
3754 done = is_last_leaf(path);
3755
3756 btrfs_item_key_to_cpu(path->nodes[0], &found,
3757 btrfs_header_nritems(path->nodes[0]) - 1);
3758 fs_info->qgroup_rescan_progress.objectid = found.objectid + 1;
3759
3760 scratch_leaf = btrfs_clone_extent_buffer(path->nodes[0]);
3761 if (!scratch_leaf) {
3762 ret = -ENOMEM;
3763 mutex_unlock(&fs_info->qgroup_rescan_lock);
3764 goto out;
3765 }
3766 slot = path->slots[0];
3767 btrfs_release_path(path);
3768 mutex_unlock(&fs_info->qgroup_rescan_lock);
3769
3770 for (; slot < btrfs_header_nritems(scratch_leaf); ++slot) {
3771 struct btrfs_backref_walk_ctx ctx = { 0 };
3772
3773 btrfs_item_key_to_cpu(scratch_leaf, &found, slot);
3774 if (found.type != BTRFS_EXTENT_ITEM_KEY &&
3775 found.type != BTRFS_METADATA_ITEM_KEY)
3776 continue;
3777 if (found.type == BTRFS_METADATA_ITEM_KEY)
3778 num_bytes = fs_info->nodesize;
3779 else
3780 num_bytes = found.offset;
3781
3782 ctx.bytenr = found.objectid;
3783 ctx.fs_info = fs_info;
3784
3785 ret = btrfs_find_all_roots(&ctx, false);
3786 if (ret < 0)
3787 goto out;
3788 /* For rescan, just pass old_roots as NULL */
3789 ret = btrfs_qgroup_account_extent(trans, found.objectid,
3790 num_bytes, NULL, ctx.roots);
3791 if (ret < 0)
3792 goto out;
3793 }
3794out:
3795 if (scratch_leaf)
3796 free_extent_buffer(scratch_leaf);
3797
3798 if (done && !ret) {
3799 ret = 1;
3800 fs_info->qgroup_rescan_progress.objectid = (u64)-1;
3801 }
3802 return ret;
3803}
3804
3805static bool rescan_should_stop(struct btrfs_fs_info *fs_info)
3806{
3807 if (btrfs_fs_closing(fs_info))
3808 return true;
3809 if (test_bit(BTRFS_FS_STATE_REMOUNTING, &fs_info->fs_state))
3810 return true;
3811 if (!btrfs_qgroup_enabled(fs_info))
3812 return true;
3813 if (fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN)
3814 return true;
3815 return false;
3816}
3817
3818static void btrfs_qgroup_rescan_worker(struct btrfs_work *work)
3819{
3820 struct btrfs_fs_info *fs_info = container_of(work, struct btrfs_fs_info,
3821 qgroup_rescan_work);
3822 struct btrfs_path *path;
3823 struct btrfs_trans_handle *trans = NULL;
3824 int ret = 0;
3825 bool stopped = false;
3826 bool did_leaf_rescans = false;
3827
3828 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE)
3829 return;
3830
3831 path = btrfs_alloc_path();
3832 if (!path) {
3833 ret = -ENOMEM;
3834 goto out;
3835 }
3836 /*
3837 * Rescan should only search for commit root, and any later difference
3838 * should be recorded by qgroup
3839 */
3840 path->search_commit_root = 1;
3841 path->skip_locking = 1;
3842
3843 while (!ret && !(stopped = rescan_should_stop(fs_info))) {
3844 trans = btrfs_start_transaction(fs_info->fs_root, 0);
3845 if (IS_ERR(trans)) {
3846 ret = PTR_ERR(trans);
3847 break;
3848 }
3849
3850 ret = qgroup_rescan_leaf(trans, path);
3851 did_leaf_rescans = true;
3852
3853 if (ret > 0)
3854 btrfs_commit_transaction(trans);
3855 else
3856 btrfs_end_transaction(trans);
3857 }
3858
3859out:
3860 btrfs_free_path(path);
3861
3862 mutex_lock(&fs_info->qgroup_rescan_lock);
3863 if (ret > 0 &&
3864 fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT) {
3865 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT;
3866 } else if (ret < 0 || stopped) {
3867 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_INCONSISTENT;
3868 }
3869 mutex_unlock(&fs_info->qgroup_rescan_lock);
3870
3871 /*
3872 * Only update status, since the previous part has already updated the
3873 * qgroup info, and only if we did any actual work. This also prevents
3874 * race with a concurrent quota disable, which has already set
3875 * fs_info->quota_root to NULL and cleared BTRFS_FS_QUOTA_ENABLED at
3876 * btrfs_quota_disable().
3877 */
3878 if (did_leaf_rescans) {
3879 trans = btrfs_start_transaction(fs_info->quota_root, 1);
3880 if (IS_ERR(trans)) {
3881 ret = PTR_ERR(trans);
3882 trans = NULL;
3883 btrfs_err(fs_info,
3884 "fail to start transaction for status update: %d",
3885 ret);
3886 }
3887 } else {
3888 trans = NULL;
3889 }
3890
3891 mutex_lock(&fs_info->qgroup_rescan_lock);
3892 if (!stopped ||
3893 fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN)
3894 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_RESCAN;
3895 if (trans) {
3896 int ret2 = update_qgroup_status_item(trans);
3897
3898 if (ret2 < 0) {
3899 ret = ret2;
3900 btrfs_err(fs_info, "fail to update qgroup status: %d", ret);
3901 }
3902 }
3903 fs_info->qgroup_rescan_running = false;
3904 fs_info->qgroup_flags &= ~BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN;
3905 complete_all(&fs_info->qgroup_rescan_completion);
3906 mutex_unlock(&fs_info->qgroup_rescan_lock);
3907
3908 if (!trans)
3909 return;
3910
3911 btrfs_end_transaction(trans);
3912
3913 if (stopped) {
3914 btrfs_info(fs_info, "qgroup scan paused");
3915 } else if (fs_info->qgroup_flags & BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN) {
3916 btrfs_info(fs_info, "qgroup scan cancelled");
3917 } else if (ret >= 0) {
3918 btrfs_info(fs_info, "qgroup scan completed%s",
3919 ret > 0 ? " (inconsistency flag cleared)" : "");
3920 } else {
3921 btrfs_err(fs_info, "qgroup scan failed with %d", ret);
3922 }
3923}
3924
3925/*
3926 * Checks that (a) no rescan is running and (b) quota is enabled. Allocates all
3927 * memory required for the rescan context.
3928 */
3929static int
3930qgroup_rescan_init(struct btrfs_fs_info *fs_info, u64 progress_objectid,
3931 int init_flags)
3932{
3933 int ret = 0;
3934
3935 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_SIMPLE) {
3936 btrfs_warn(fs_info, "qgroup rescan init failed, running in simple mode");
3937 return -EINVAL;
3938 }
3939
3940 if (!init_flags) {
3941 /* we're resuming qgroup rescan at mount time */
3942 if (!(fs_info->qgroup_flags &
3943 BTRFS_QGROUP_STATUS_FLAG_RESCAN)) {
3944 btrfs_debug(fs_info,
3945 "qgroup rescan init failed, qgroup rescan is not queued");
3946 ret = -EINVAL;
3947 } else if (!(fs_info->qgroup_flags &
3948 BTRFS_QGROUP_STATUS_FLAG_ON)) {
3949 btrfs_debug(fs_info,
3950 "qgroup rescan init failed, qgroup is not enabled");
3951 ret = -ENOTCONN;
3952 }
3953
3954 if (ret)
3955 return ret;
3956 }
3957
3958 mutex_lock(&fs_info->qgroup_rescan_lock);
3959
3960 if (init_flags) {
3961 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN) {
3962 ret = -EINPROGRESS;
3963 } else if (!(fs_info->qgroup_flags &
3964 BTRFS_QGROUP_STATUS_FLAG_ON)) {
3965 btrfs_debug(fs_info,
3966 "qgroup rescan init failed, qgroup is not enabled");
3967 ret = -ENOTCONN;
3968 } else if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED) {
3969 /* Quota disable is in progress */
3970 ret = -EBUSY;
3971 }
3972
3973 if (ret) {
3974 mutex_unlock(&fs_info->qgroup_rescan_lock);
3975 return ret;
3976 }
3977 fs_info->qgroup_flags |= BTRFS_QGROUP_STATUS_FLAG_RESCAN;
3978 }
3979
3980 memset(&fs_info->qgroup_rescan_progress, 0,
3981 sizeof(fs_info->qgroup_rescan_progress));
3982 fs_info->qgroup_flags &= ~(BTRFS_QGROUP_RUNTIME_FLAG_CANCEL_RESCAN |
3983 BTRFS_QGROUP_RUNTIME_FLAG_NO_ACCOUNTING);
3984 fs_info->qgroup_rescan_progress.objectid = progress_objectid;
3985 init_completion(&fs_info->qgroup_rescan_completion);
3986 mutex_unlock(&fs_info->qgroup_rescan_lock);
3987
3988 btrfs_init_work(&fs_info->qgroup_rescan_work,
3989 btrfs_qgroup_rescan_worker, NULL);
3990 return 0;
3991}
3992
3993static void
3994qgroup_rescan_zero_tracking(struct btrfs_fs_info *fs_info)
3995{
3996 struct rb_node *n;
3997 struct btrfs_qgroup *qgroup;
3998
3999 spin_lock(&fs_info->qgroup_lock);
4000 /* clear all current qgroup tracking information */
4001 for (n = rb_first(&fs_info->qgroup_tree); n; n = rb_next(n)) {
4002 qgroup = rb_entry(n, struct btrfs_qgroup, node);
4003 qgroup->rfer = 0;
4004 qgroup->rfer_cmpr = 0;
4005 qgroup->excl = 0;
4006 qgroup->excl_cmpr = 0;
4007 qgroup_dirty(fs_info, qgroup);
4008 }
4009 spin_unlock(&fs_info->qgroup_lock);
4010}
4011
4012int
4013btrfs_qgroup_rescan(struct btrfs_fs_info *fs_info)
4014{
4015 int ret = 0;
4016
4017 ret = qgroup_rescan_init(fs_info, 0, 1);
4018 if (ret)
4019 return ret;
4020
4021 /*
4022 * We have set the rescan_progress to 0, which means no more
4023 * delayed refs will be accounted by btrfs_qgroup_account_ref.
4024 * However, btrfs_qgroup_account_ref may be right after its call
4025 * to btrfs_find_all_roots, in which case it would still do the
4026 * accounting.
4027 * To solve this, we're committing the transaction, which will
4028 * ensure we run all delayed refs and only after that, we are
4029 * going to clear all tracking information for a clean start.
4030 */
4031
4032 ret = btrfs_commit_current_transaction(fs_info->fs_root);
4033 if (ret) {
4034 fs_info->qgroup_flags &= ~BTRFS_QGROUP_STATUS_FLAG_RESCAN;
4035 return ret;
4036 }
4037
4038 qgroup_rescan_zero_tracking(fs_info);
4039
4040 mutex_lock(&fs_info->qgroup_rescan_lock);
4041 fs_info->qgroup_rescan_running = true;
4042 btrfs_queue_work(fs_info->qgroup_rescan_workers,
4043 &fs_info->qgroup_rescan_work);
4044 mutex_unlock(&fs_info->qgroup_rescan_lock);
4045
4046 return 0;
4047}
4048
4049int btrfs_qgroup_wait_for_completion(struct btrfs_fs_info *fs_info,
4050 bool interruptible)
4051{
4052 int running;
4053 int ret = 0;
4054
4055 mutex_lock(&fs_info->qgroup_rescan_lock);
4056 running = fs_info->qgroup_rescan_running;
4057 mutex_unlock(&fs_info->qgroup_rescan_lock);
4058
4059 if (!running)
4060 return 0;
4061
4062 if (interruptible)
4063 ret = wait_for_completion_interruptible(
4064 &fs_info->qgroup_rescan_completion);
4065 else
4066 wait_for_completion(&fs_info->qgroup_rescan_completion);
4067
4068 return ret;
4069}
4070
4071/*
4072 * this is only called from open_ctree where we're still single threaded, thus
4073 * locking is omitted here.
4074 */
4075void
4076btrfs_qgroup_rescan_resume(struct btrfs_fs_info *fs_info)
4077{
4078 if (fs_info->qgroup_flags & BTRFS_QGROUP_STATUS_FLAG_RESCAN) {
4079 mutex_lock(&fs_info->qgroup_rescan_lock);
4080 fs_info->qgroup_rescan_running = true;
4081 btrfs_queue_work(fs_info->qgroup_rescan_workers,
4082 &fs_info->qgroup_rescan_work);
4083 mutex_unlock(&fs_info->qgroup_rescan_lock);
4084 }
4085}
4086
4087#define rbtree_iterate_from_safe(node, next, start) \
4088 for (node = start; node && ({ next = rb_next(node); 1;}); node = next)
4089
4090static int qgroup_unreserve_range(struct btrfs_inode *inode,
4091 struct extent_changeset *reserved, u64 start,
4092 u64 len)
4093{
4094 struct rb_node *node;
4095 struct rb_node *next;
4096 struct ulist_node *entry;
4097 int ret = 0;
4098
4099 node = reserved->range_changed.root.rb_node;
4100 if (!node)
4101 return 0;
4102 while (node) {
4103 entry = rb_entry(node, struct ulist_node, rb_node);
4104 if (entry->val < start)
4105 node = node->rb_right;
4106 else
4107 node = node->rb_left;
4108 }
4109
4110 if (entry->val > start && rb_prev(&entry->rb_node))
4111 entry = rb_entry(rb_prev(&entry->rb_node), struct ulist_node,
4112 rb_node);
4113
4114 rbtree_iterate_from_safe(node, next, &entry->rb_node) {
4115 u64 entry_start;
4116 u64 entry_end;
4117 u64 entry_len;
4118 int clear_ret;
4119
4120 entry = rb_entry(node, struct ulist_node, rb_node);
4121 entry_start = entry->val;
4122 entry_end = entry->aux;
4123 entry_len = entry_end - entry_start + 1;
4124
4125 if (entry_start >= start + len)
4126 break;
4127 if (entry_start + entry_len <= start)
4128 continue;
4129 /*
4130 * Now the entry is in [start, start + len), revert the
4131 * EXTENT_QGROUP_RESERVED bit.
4132 */
4133 clear_ret = clear_extent_bits(&inode->io_tree, entry_start,
4134 entry_end, EXTENT_QGROUP_RESERVED);
4135 if (!ret && clear_ret < 0)
4136 ret = clear_ret;
4137
4138 ulist_del(&reserved->range_changed, entry->val, entry->aux);
4139 if (likely(reserved->bytes_changed >= entry_len)) {
4140 reserved->bytes_changed -= entry_len;
4141 } else {
4142 WARN_ON(1);
4143 reserved->bytes_changed = 0;
4144 }
4145 }
4146
4147 return ret;
4148}
4149
4150/*
4151 * Try to free some space for qgroup.
4152 *
4153 * For qgroup, there are only 3 ways to free qgroup space:
4154 * - Flush nodatacow write
4155 * Any nodatacow write will free its reserved data space at run_delalloc_range().
4156 * In theory, we should only flush nodatacow inodes, but it's not yet
4157 * possible, so we need to flush the whole root.
4158 *
4159 * - Wait for ordered extents
4160 * When ordered extents are finished, their reserved metadata is finally
4161 * converted to per_trans status, which can be freed by later commit
4162 * transaction.
4163 *
4164 * - Commit transaction
4165 * This would free the meta_per_trans space.
4166 * In theory this shouldn't provide much space, but any more qgroup space
4167 * is needed.
4168 */
4169static int try_flush_qgroup(struct btrfs_root *root)
4170{
4171 int ret;
4172
4173 /* Can't hold an open transaction or we run the risk of deadlocking. */
4174 ASSERT(current->journal_info == NULL);
4175 if (WARN_ON(current->journal_info))
4176 return 0;
4177
4178 /*
4179 * We don't want to run flush again and again, so if there is a running
4180 * one, we won't try to start a new flush, but exit directly.
4181 */
4182 if (test_and_set_bit(BTRFS_ROOT_QGROUP_FLUSHING, &root->state)) {
4183 wait_event(root->qgroup_flush_wait,
4184 !test_bit(BTRFS_ROOT_QGROUP_FLUSHING, &root->state));
4185 return 0;
4186 }
4187
4188 ret = btrfs_start_delalloc_snapshot(root, true);
4189 if (ret < 0)
4190 goto out;
4191 btrfs_wait_ordered_extents(root, U64_MAX, NULL);
4192
4193 /*
4194 * After waiting for ordered extents run delayed iputs in order to free
4195 * space from unlinked files before committing the current transaction,
4196 * as ordered extents may have been holding the last reference of an
4197 * inode and they add a delayed iput when they complete.
4198 */
4199 btrfs_run_delayed_iputs(root->fs_info);
4200 btrfs_wait_on_delayed_iputs(root->fs_info);
4201
4202 ret = btrfs_commit_current_transaction(root);
4203out:
4204 clear_bit(BTRFS_ROOT_QGROUP_FLUSHING, &root->state);
4205 wake_up(&root->qgroup_flush_wait);
4206 return ret;
4207}
4208
4209static int qgroup_reserve_data(struct btrfs_inode *inode,
4210 struct extent_changeset **reserved_ret, u64 start,
4211 u64 len)
4212{
4213 struct btrfs_root *root = inode->root;
4214 struct extent_changeset *reserved;
4215 bool new_reserved = false;
4216 u64 orig_reserved;
4217 u64 to_reserve;
4218 int ret;
4219
4220 if (btrfs_qgroup_mode(root->fs_info) == BTRFS_QGROUP_MODE_DISABLED ||
4221 !is_fstree(btrfs_root_id(root)) || len == 0)
4222 return 0;
4223
4224 /* @reserved parameter is mandatory for qgroup */
4225 if (WARN_ON(!reserved_ret))
4226 return -EINVAL;
4227 if (!*reserved_ret) {
4228 new_reserved = true;
4229 *reserved_ret = extent_changeset_alloc();
4230 if (!*reserved_ret)
4231 return -ENOMEM;
4232 }
4233 reserved = *reserved_ret;
4234 /* Record already reserved space */
4235 orig_reserved = reserved->bytes_changed;
4236 ret = set_record_extent_bits(&inode->io_tree, start,
4237 start + len -1, EXTENT_QGROUP_RESERVED, reserved);
4238
4239 /* Newly reserved space */
4240 to_reserve = reserved->bytes_changed - orig_reserved;
4241 trace_btrfs_qgroup_reserve_data(&inode->vfs_inode, start, len,
4242 to_reserve, QGROUP_RESERVE);
4243 if (ret < 0)
4244 goto out;
4245 ret = qgroup_reserve(root, to_reserve, true, BTRFS_QGROUP_RSV_DATA);
4246 if (ret < 0)
4247 goto cleanup;
4248
4249 return ret;
4250
4251cleanup:
4252 qgroup_unreserve_range(inode, reserved, start, len);
4253out:
4254 if (new_reserved) {
4255 extent_changeset_free(reserved);
4256 *reserved_ret = NULL;
4257 }
4258 return ret;
4259}
4260
4261/*
4262 * Reserve qgroup space for range [start, start + len).
4263 *
4264 * This function will either reserve space from related qgroups or do nothing
4265 * if the range is already reserved.
4266 *
4267 * Return 0 for successful reservation
4268 * Return <0 for error (including -EQUOT)
4269 *
4270 * NOTE: This function may sleep for memory allocation, dirty page flushing and
4271 * commit transaction. So caller should not hold any dirty page locked.
4272 */
4273int btrfs_qgroup_reserve_data(struct btrfs_inode *inode,
4274 struct extent_changeset **reserved_ret, u64 start,
4275 u64 len)
4276{
4277 int ret;
4278
4279 ret = qgroup_reserve_data(inode, reserved_ret, start, len);
4280 if (ret <= 0 && ret != -EDQUOT)
4281 return ret;
4282
4283 ret = try_flush_qgroup(inode->root);
4284 if (ret < 0)
4285 return ret;
4286 return qgroup_reserve_data(inode, reserved_ret, start, len);
4287}
4288
4289/* Free ranges specified by @reserved, normally in error path */
4290static int qgroup_free_reserved_data(struct btrfs_inode *inode,
4291 struct extent_changeset *reserved,
4292 u64 start, u64 len, u64 *freed_ret)
4293{
4294 struct btrfs_root *root = inode->root;
4295 struct ulist_node *unode;
4296 struct ulist_iterator uiter;
4297 struct extent_changeset changeset;
4298 u64 freed = 0;
4299 int ret;
4300
4301 extent_changeset_init(&changeset);
4302 len = round_up(start + len, root->fs_info->sectorsize);
4303 start = round_down(start, root->fs_info->sectorsize);
4304
4305 ULIST_ITER_INIT(&uiter);
4306 while ((unode = ulist_next(&reserved->range_changed, &uiter))) {
4307 u64 range_start = unode->val;
4308 /* unode->aux is the inclusive end */
4309 u64 range_len = unode->aux - range_start + 1;
4310 u64 free_start;
4311 u64 free_len;
4312
4313 extent_changeset_release(&changeset);
4314
4315 /* Only free range in range [start, start + len) */
4316 if (range_start >= start + len ||
4317 range_start + range_len <= start)
4318 continue;
4319 free_start = max(range_start, start);
4320 free_len = min(start + len, range_start + range_len) -
4321 free_start;
4322 /*
4323 * TODO: To also modify reserved->ranges_reserved to reflect
4324 * the modification.
4325 *
4326 * However as long as we free qgroup reserved according to
4327 * EXTENT_QGROUP_RESERVED, we won't double free.
4328 * So not need to rush.
4329 */
4330 ret = clear_record_extent_bits(&inode->io_tree, free_start,
4331 free_start + free_len - 1,
4332 EXTENT_QGROUP_RESERVED, &changeset);
4333 if (ret < 0)
4334 goto out;
4335 freed += changeset.bytes_changed;
4336 }
4337 btrfs_qgroup_free_refroot(root->fs_info, btrfs_root_id(root), freed,
4338 BTRFS_QGROUP_RSV_DATA);
4339 if (freed_ret)
4340 *freed_ret = freed;
4341 ret = 0;
4342out:
4343 extent_changeset_release(&changeset);
4344 return ret;
4345}
4346
4347static int __btrfs_qgroup_release_data(struct btrfs_inode *inode,
4348 struct extent_changeset *reserved, u64 start, u64 len,
4349 u64 *released, int free)
4350{
4351 struct extent_changeset changeset;
4352 int trace_op = QGROUP_RELEASE;
4353 int ret;
4354
4355 if (btrfs_qgroup_mode(inode->root->fs_info) == BTRFS_QGROUP_MODE_DISABLED) {
4356 return clear_record_extent_bits(&inode->io_tree, start,
4357 start + len - 1,
4358 EXTENT_QGROUP_RESERVED, NULL);
4359 }
4360
4361 /* In release case, we shouldn't have @reserved */
4362 WARN_ON(!free && reserved);
4363 if (free && reserved)
4364 return qgroup_free_reserved_data(inode, reserved, start, len, released);
4365 extent_changeset_init(&changeset);
4366 ret = clear_record_extent_bits(&inode->io_tree, start, start + len -1,
4367 EXTENT_QGROUP_RESERVED, &changeset);
4368 if (ret < 0)
4369 goto out;
4370
4371 if (free)
4372 trace_op = QGROUP_FREE;
4373 trace_btrfs_qgroup_release_data(&inode->vfs_inode, start, len,
4374 changeset.bytes_changed, trace_op);
4375 if (free)
4376 btrfs_qgroup_free_refroot(inode->root->fs_info,
4377 btrfs_root_id(inode->root),
4378 changeset.bytes_changed, BTRFS_QGROUP_RSV_DATA);
4379 if (released)
4380 *released = changeset.bytes_changed;
4381out:
4382 extent_changeset_release(&changeset);
4383 return ret;
4384}
4385
4386/*
4387 * Free a reserved space range from io_tree and related qgroups
4388 *
4389 * Should be called when a range of pages get invalidated before reaching disk.
4390 * Or for error cleanup case.
4391 * if @reserved is given, only reserved range in [@start, @start + @len) will
4392 * be freed.
4393 *
4394 * For data written to disk, use btrfs_qgroup_release_data().
4395 *
4396 * NOTE: This function may sleep for memory allocation.
4397 */
4398int btrfs_qgroup_free_data(struct btrfs_inode *inode,
4399 struct extent_changeset *reserved,
4400 u64 start, u64 len, u64 *freed)
4401{
4402 return __btrfs_qgroup_release_data(inode, reserved, start, len, freed, 1);
4403}
4404
4405/*
4406 * Release a reserved space range from io_tree only.
4407 *
4408 * Should be called when a range of pages get written to disk and corresponding
4409 * FILE_EXTENT is inserted into corresponding root.
4410 *
4411 * Since new qgroup accounting framework will only update qgroup numbers at
4412 * commit_transaction() time, its reserved space shouldn't be freed from
4413 * related qgroups.
4414 *
4415 * But we should release the range from io_tree, to allow further write to be
4416 * COWed.
4417 *
4418 * NOTE: This function may sleep for memory allocation.
4419 */
4420int btrfs_qgroup_release_data(struct btrfs_inode *inode, u64 start, u64 len, u64 *released)
4421{
4422 return __btrfs_qgroup_release_data(inode, NULL, start, len, released, 0);
4423}
4424
4425static void add_root_meta_rsv(struct btrfs_root *root, int num_bytes,
4426 enum btrfs_qgroup_rsv_type type)
4427{
4428 if (type != BTRFS_QGROUP_RSV_META_PREALLOC &&
4429 type != BTRFS_QGROUP_RSV_META_PERTRANS)
4430 return;
4431 if (num_bytes == 0)
4432 return;
4433
4434 spin_lock(&root->qgroup_meta_rsv_lock);
4435 if (type == BTRFS_QGROUP_RSV_META_PREALLOC)
4436 root->qgroup_meta_rsv_prealloc += num_bytes;
4437 else
4438 root->qgroup_meta_rsv_pertrans += num_bytes;
4439 spin_unlock(&root->qgroup_meta_rsv_lock);
4440}
4441
4442static int sub_root_meta_rsv(struct btrfs_root *root, int num_bytes,
4443 enum btrfs_qgroup_rsv_type type)
4444{
4445 if (type != BTRFS_QGROUP_RSV_META_PREALLOC &&
4446 type != BTRFS_QGROUP_RSV_META_PERTRANS)
4447 return 0;
4448 if (num_bytes == 0)
4449 return 0;
4450
4451 spin_lock(&root->qgroup_meta_rsv_lock);
4452 if (type == BTRFS_QGROUP_RSV_META_PREALLOC) {
4453 num_bytes = min_t(u64, root->qgroup_meta_rsv_prealloc,
4454 num_bytes);
4455 root->qgroup_meta_rsv_prealloc -= num_bytes;
4456 } else {
4457 num_bytes = min_t(u64, root->qgroup_meta_rsv_pertrans,
4458 num_bytes);
4459 root->qgroup_meta_rsv_pertrans -= num_bytes;
4460 }
4461 spin_unlock(&root->qgroup_meta_rsv_lock);
4462 return num_bytes;
4463}
4464
4465int btrfs_qgroup_reserve_meta(struct btrfs_root *root, int num_bytes,
4466 enum btrfs_qgroup_rsv_type type, bool enforce)
4467{
4468 struct btrfs_fs_info *fs_info = root->fs_info;
4469 int ret;
4470
4471 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED ||
4472 !is_fstree(btrfs_root_id(root)) || num_bytes == 0)
4473 return 0;
4474
4475 BUG_ON(num_bytes != round_down(num_bytes, fs_info->nodesize));
4476 trace_qgroup_meta_reserve(root, (s64)num_bytes, type);
4477 ret = qgroup_reserve(root, num_bytes, enforce, type);
4478 if (ret < 0)
4479 return ret;
4480 /*
4481 * Record what we have reserved into root.
4482 *
4483 * To avoid quota disabled->enabled underflow.
4484 * In that case, we may try to free space we haven't reserved
4485 * (since quota was disabled), so record what we reserved into root.
4486 * And ensure later release won't underflow this number.
4487 */
4488 add_root_meta_rsv(root, num_bytes, type);
4489 return ret;
4490}
4491
4492int __btrfs_qgroup_reserve_meta(struct btrfs_root *root, int num_bytes,
4493 enum btrfs_qgroup_rsv_type type, bool enforce,
4494 bool noflush)
4495{
4496 int ret;
4497
4498 ret = btrfs_qgroup_reserve_meta(root, num_bytes, type, enforce);
4499 if ((ret <= 0 && ret != -EDQUOT) || noflush)
4500 return ret;
4501
4502 ret = try_flush_qgroup(root);
4503 if (ret < 0)
4504 return ret;
4505 return btrfs_qgroup_reserve_meta(root, num_bytes, type, enforce);
4506}
4507
4508/*
4509 * Per-transaction meta reservation should be all freed at transaction commit
4510 * time
4511 */
4512void btrfs_qgroup_free_meta_all_pertrans(struct btrfs_root *root)
4513{
4514 struct btrfs_fs_info *fs_info = root->fs_info;
4515
4516 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED ||
4517 !is_fstree(btrfs_root_id(root)))
4518 return;
4519
4520 /* TODO: Update trace point to handle such free */
4521 trace_qgroup_meta_free_all_pertrans(root);
4522 /* Special value -1 means to free all reserved space */
4523 btrfs_qgroup_free_refroot(fs_info, btrfs_root_id(root), (u64)-1,
4524 BTRFS_QGROUP_RSV_META_PERTRANS);
4525}
4526
4527void __btrfs_qgroup_free_meta(struct btrfs_root *root, int num_bytes,
4528 enum btrfs_qgroup_rsv_type type)
4529{
4530 struct btrfs_fs_info *fs_info = root->fs_info;
4531
4532 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED ||
4533 !is_fstree(btrfs_root_id(root)))
4534 return;
4535
4536 /*
4537 * reservation for META_PREALLOC can happen before quota is enabled,
4538 * which can lead to underflow.
4539 * Here ensure we will only free what we really have reserved.
4540 */
4541 num_bytes = sub_root_meta_rsv(root, num_bytes, type);
4542 BUG_ON(num_bytes != round_down(num_bytes, fs_info->nodesize));
4543 trace_qgroup_meta_reserve(root, -(s64)num_bytes, type);
4544 btrfs_qgroup_free_refroot(fs_info, btrfs_root_id(root), num_bytes, type);
4545}
4546
4547static void qgroup_convert_meta(struct btrfs_fs_info *fs_info, u64 ref_root,
4548 int num_bytes)
4549{
4550 struct btrfs_qgroup *qgroup;
4551 LIST_HEAD(qgroup_list);
4552
4553 if (num_bytes == 0)
4554 return;
4555 if (!fs_info->quota_root)
4556 return;
4557
4558 spin_lock(&fs_info->qgroup_lock);
4559 qgroup = find_qgroup_rb(fs_info, ref_root);
4560 if (!qgroup)
4561 goto out;
4562
4563 qgroup_iterator_add(&qgroup_list, qgroup);
4564 list_for_each_entry(qgroup, &qgroup_list, iterator) {
4565 struct btrfs_qgroup_list *glist;
4566
4567 qgroup_rsv_release(fs_info, qgroup, num_bytes,
4568 BTRFS_QGROUP_RSV_META_PREALLOC);
4569 if (!sb_rdonly(fs_info->sb))
4570 qgroup_rsv_add(fs_info, qgroup, num_bytes,
4571 BTRFS_QGROUP_RSV_META_PERTRANS);
4572
4573 list_for_each_entry(glist, &qgroup->groups, next_group)
4574 qgroup_iterator_add(&qgroup_list, glist->group);
4575 }
4576out:
4577 qgroup_iterator_clean(&qgroup_list);
4578 spin_unlock(&fs_info->qgroup_lock);
4579}
4580
4581/*
4582 * Convert @num_bytes of META_PREALLOCATED reservation to META_PERTRANS.
4583 *
4584 * This is called when preallocated meta reservation needs to be used.
4585 * Normally after btrfs_join_transaction() call.
4586 */
4587void btrfs_qgroup_convert_reserved_meta(struct btrfs_root *root, int num_bytes)
4588{
4589 struct btrfs_fs_info *fs_info = root->fs_info;
4590
4591 if (btrfs_qgroup_mode(fs_info) == BTRFS_QGROUP_MODE_DISABLED ||
4592 !is_fstree(btrfs_root_id(root)))
4593 return;
4594 /* Same as btrfs_qgroup_free_meta_prealloc() */
4595 num_bytes = sub_root_meta_rsv(root, num_bytes,
4596 BTRFS_QGROUP_RSV_META_PREALLOC);
4597 trace_qgroup_meta_convert(root, num_bytes);
4598 qgroup_convert_meta(fs_info, btrfs_root_id(root), num_bytes);
4599 if (!sb_rdonly(fs_info->sb))
4600 add_root_meta_rsv(root, num_bytes, BTRFS_QGROUP_RSV_META_PERTRANS);
4601}
4602
4603/*
4604 * Check qgroup reserved space leaking, normally at destroy inode
4605 * time
4606 */
4607void btrfs_qgroup_check_reserved_leak(struct btrfs_inode *inode)
4608{
4609 struct extent_changeset changeset;
4610 struct ulist_node *unode;
4611 struct ulist_iterator iter;
4612 int ret;
4613
4614 extent_changeset_init(&changeset);
4615 ret = clear_record_extent_bits(&inode->io_tree, 0, (u64)-1,
4616 EXTENT_QGROUP_RESERVED, &changeset);
4617
4618 WARN_ON(ret < 0);
4619 if (WARN_ON(changeset.bytes_changed)) {
4620 ULIST_ITER_INIT(&iter);
4621 while ((unode = ulist_next(&changeset.range_changed, &iter))) {
4622 btrfs_warn(inode->root->fs_info,
4623 "leaking qgroup reserved space, ino: %llu, start: %llu, end: %llu",
4624 btrfs_ino(inode), unode->val, unode->aux);
4625 }
4626 btrfs_qgroup_free_refroot(inode->root->fs_info,
4627 btrfs_root_id(inode->root),
4628 changeset.bytes_changed, BTRFS_QGROUP_RSV_DATA);
4629
4630 }
4631 extent_changeset_release(&changeset);
4632}
4633
4634void btrfs_qgroup_init_swapped_blocks(
4635 struct btrfs_qgroup_swapped_blocks *swapped_blocks)
4636{
4637 int i;
4638
4639 spin_lock_init(&swapped_blocks->lock);
4640 for (i = 0; i < BTRFS_MAX_LEVEL; i++)
4641 swapped_blocks->blocks[i] = RB_ROOT;
4642 swapped_blocks->swapped = false;
4643}
4644
4645/*
4646 * Delete all swapped blocks record of @root.
4647 * Every record here means we skipped a full subtree scan for qgroup.
4648 *
4649 * Gets called when committing one transaction.
4650 */
4651void btrfs_qgroup_clean_swapped_blocks(struct btrfs_root *root)
4652{
4653 struct btrfs_qgroup_swapped_blocks *swapped_blocks;
4654 int i;
4655
4656 swapped_blocks = &root->swapped_blocks;
4657
4658 spin_lock(&swapped_blocks->lock);
4659 if (!swapped_blocks->swapped)
4660 goto out;
4661 for (i = 0; i < BTRFS_MAX_LEVEL; i++) {
4662 struct rb_root *cur_root = &swapped_blocks->blocks[i];
4663 struct btrfs_qgroup_swapped_block *entry;
4664 struct btrfs_qgroup_swapped_block *next;
4665
4666 rbtree_postorder_for_each_entry_safe(entry, next, cur_root,
4667 node)
4668 kfree(entry);
4669 swapped_blocks->blocks[i] = RB_ROOT;
4670 }
4671 swapped_blocks->swapped = false;
4672out:
4673 spin_unlock(&swapped_blocks->lock);
4674}
4675
4676/*
4677 * Add subtree roots record into @subvol_root.
4678 *
4679 * @subvol_root: tree root of the subvolume tree get swapped
4680 * @bg: block group under balance
4681 * @subvol_parent/slot: pointer to the subtree root in subvolume tree
4682 * @reloc_parent/slot: pointer to the subtree root in reloc tree
4683 * BOTH POINTERS ARE BEFORE TREE SWAP
4684 * @last_snapshot: last snapshot generation of the subvolume tree
4685 */
4686int btrfs_qgroup_add_swapped_blocks(struct btrfs_root *subvol_root,
4687 struct btrfs_block_group *bg,
4688 struct extent_buffer *subvol_parent, int subvol_slot,
4689 struct extent_buffer *reloc_parent, int reloc_slot,
4690 u64 last_snapshot)
4691{
4692 struct btrfs_fs_info *fs_info = subvol_root->fs_info;
4693 struct btrfs_qgroup_swapped_blocks *blocks = &subvol_root->swapped_blocks;
4694 struct btrfs_qgroup_swapped_block *block;
4695 struct rb_node **cur;
4696 struct rb_node *parent = NULL;
4697 int level = btrfs_header_level(subvol_parent) - 1;
4698 int ret = 0;
4699
4700 if (!btrfs_qgroup_full_accounting(fs_info))
4701 return 0;
4702
4703 if (btrfs_node_ptr_generation(subvol_parent, subvol_slot) >
4704 btrfs_node_ptr_generation(reloc_parent, reloc_slot)) {
4705 btrfs_err_rl(fs_info,
4706 "%s: bad parameter order, subvol_gen=%llu reloc_gen=%llu",
4707 __func__,
4708 btrfs_node_ptr_generation(subvol_parent, subvol_slot),
4709 btrfs_node_ptr_generation(reloc_parent, reloc_slot));
4710 return -EUCLEAN;
4711 }
4712
4713 block = kmalloc(sizeof(*block), GFP_NOFS);
4714 if (!block) {
4715 ret = -ENOMEM;
4716 goto out;
4717 }
4718
4719 /*
4720 * @reloc_parent/slot is still before swap, while @block is going to
4721 * record the bytenr after swap, so we do the swap here.
4722 */
4723 block->subvol_bytenr = btrfs_node_blockptr(reloc_parent, reloc_slot);
4724 block->subvol_generation = btrfs_node_ptr_generation(reloc_parent,
4725 reloc_slot);
4726 block->reloc_bytenr = btrfs_node_blockptr(subvol_parent, subvol_slot);
4727 block->reloc_generation = btrfs_node_ptr_generation(subvol_parent,
4728 subvol_slot);
4729 block->last_snapshot = last_snapshot;
4730 block->level = level;
4731
4732 /*
4733 * If we have bg == NULL, we're called from btrfs_recover_relocation(),
4734 * no one else can modify tree blocks thus we qgroup will not change
4735 * no matter the value of trace_leaf.
4736 */
4737 if (bg && bg->flags & BTRFS_BLOCK_GROUP_DATA)
4738 block->trace_leaf = true;
4739 else
4740 block->trace_leaf = false;
4741 btrfs_node_key_to_cpu(reloc_parent, &block->first_key, reloc_slot);
4742
4743 /* Insert @block into @blocks */
4744 spin_lock(&blocks->lock);
4745 cur = &blocks->blocks[level].rb_node;
4746 while (*cur) {
4747 struct btrfs_qgroup_swapped_block *entry;
4748
4749 parent = *cur;
4750 entry = rb_entry(parent, struct btrfs_qgroup_swapped_block,
4751 node);
4752
4753 if (entry->subvol_bytenr < block->subvol_bytenr) {
4754 cur = &(*cur)->rb_left;
4755 } else if (entry->subvol_bytenr > block->subvol_bytenr) {
4756 cur = &(*cur)->rb_right;
4757 } else {
4758 if (entry->subvol_generation !=
4759 block->subvol_generation ||
4760 entry->reloc_bytenr != block->reloc_bytenr ||
4761 entry->reloc_generation !=
4762 block->reloc_generation) {
4763 /*
4764 * Duplicated but mismatch entry found.
4765 * Shouldn't happen.
4766 *
4767 * Marking qgroup inconsistent should be enough
4768 * for end users.
4769 */
4770 WARN_ON(IS_ENABLED(CONFIG_BTRFS_DEBUG));
4771 ret = -EEXIST;
4772 }
4773 kfree(block);
4774 goto out_unlock;
4775 }
4776 }
4777 rb_link_node(&block->node, parent, cur);
4778 rb_insert_color(&block->node, &blocks->blocks[level]);
4779 blocks->swapped = true;
4780out_unlock:
4781 spin_unlock(&blocks->lock);
4782out:
4783 if (ret < 0)
4784 qgroup_mark_inconsistent(fs_info);
4785 return ret;
4786}
4787
4788/*
4789 * Check if the tree block is a subtree root, and if so do the needed
4790 * delayed subtree trace for qgroup.
4791 *
4792 * This is called during btrfs_cow_block().
4793 */
4794int btrfs_qgroup_trace_subtree_after_cow(struct btrfs_trans_handle *trans,
4795 struct btrfs_root *root,
4796 struct extent_buffer *subvol_eb)
4797{
4798 struct btrfs_fs_info *fs_info = root->fs_info;
4799 struct btrfs_tree_parent_check check = { 0 };
4800 struct btrfs_qgroup_swapped_blocks *blocks = &root->swapped_blocks;
4801 struct btrfs_qgroup_swapped_block *block;
4802 struct extent_buffer *reloc_eb = NULL;
4803 struct rb_node *node;
4804 bool found = false;
4805 bool swapped = false;
4806 int level = btrfs_header_level(subvol_eb);
4807 int ret = 0;
4808 int i;
4809
4810 if (!btrfs_qgroup_full_accounting(fs_info))
4811 return 0;
4812 if (!is_fstree(btrfs_root_id(root)) || !root->reloc_root)
4813 return 0;
4814
4815 spin_lock(&blocks->lock);
4816 if (!blocks->swapped) {
4817 spin_unlock(&blocks->lock);
4818 return 0;
4819 }
4820 node = blocks->blocks[level].rb_node;
4821
4822 while (node) {
4823 block = rb_entry(node, struct btrfs_qgroup_swapped_block, node);
4824 if (block->subvol_bytenr < subvol_eb->start) {
4825 node = node->rb_left;
4826 } else if (block->subvol_bytenr > subvol_eb->start) {
4827 node = node->rb_right;
4828 } else {
4829 found = true;
4830 break;
4831 }
4832 }
4833 if (!found) {
4834 spin_unlock(&blocks->lock);
4835 goto out;
4836 }
4837 /* Found one, remove it from @blocks first and update blocks->swapped */
4838 rb_erase(&block->node, &blocks->blocks[level]);
4839 for (i = 0; i < BTRFS_MAX_LEVEL; i++) {
4840 if (RB_EMPTY_ROOT(&blocks->blocks[i])) {
4841 swapped = true;
4842 break;
4843 }
4844 }
4845 blocks->swapped = swapped;
4846 spin_unlock(&blocks->lock);
4847
4848 check.level = block->level;
4849 check.transid = block->reloc_generation;
4850 check.has_first_key = true;
4851 memcpy(&check.first_key, &block->first_key, sizeof(check.first_key));
4852
4853 /* Read out reloc subtree root */
4854 reloc_eb = read_tree_block(fs_info, block->reloc_bytenr, &check);
4855 if (IS_ERR(reloc_eb)) {
4856 ret = PTR_ERR(reloc_eb);
4857 reloc_eb = NULL;
4858 goto free_out;
4859 }
4860 if (!extent_buffer_uptodate(reloc_eb)) {
4861 ret = -EIO;
4862 goto free_out;
4863 }
4864
4865 ret = qgroup_trace_subtree_swap(trans, reloc_eb, subvol_eb,
4866 block->last_snapshot, block->trace_leaf);
4867free_out:
4868 kfree(block);
4869 free_extent_buffer(reloc_eb);
4870out:
4871 if (ret < 0) {
4872 btrfs_err_rl(fs_info,
4873 "failed to account subtree at bytenr %llu: %d",
4874 subvol_eb->start, ret);
4875 qgroup_mark_inconsistent(fs_info);
4876 }
4877 return ret;
4878}
4879
4880void btrfs_qgroup_destroy_extent_records(struct btrfs_transaction *trans)
4881{
4882 struct btrfs_qgroup_extent_record *entry;
4883 unsigned long index;
4884
4885 xa_for_each(&trans->delayed_refs.dirty_extents, index, entry) {
4886 ulist_free(entry->old_roots);
4887 kfree(entry);
4888 }
4889 xa_destroy(&trans->delayed_refs.dirty_extents);
4890}
4891
4892int btrfs_record_squota_delta(struct btrfs_fs_info *fs_info,
4893 const struct btrfs_squota_delta *delta)
4894{
4895 int ret;
4896 struct btrfs_qgroup *qgroup;
4897 struct btrfs_qgroup *qg;
4898 LIST_HEAD(qgroup_list);
4899 u64 root = delta->root;
4900 u64 num_bytes = delta->num_bytes;
4901 const int sign = (delta->is_inc ? 1 : -1);
4902
4903 if (btrfs_qgroup_mode(fs_info) != BTRFS_QGROUP_MODE_SIMPLE)
4904 return 0;
4905
4906 if (!is_fstree(root))
4907 return 0;
4908
4909 /* If the extent predates enabling quotas, don't count it. */
4910 if (delta->generation < fs_info->qgroup_enable_gen)
4911 return 0;
4912
4913 spin_lock(&fs_info->qgroup_lock);
4914 qgroup = find_qgroup_rb(fs_info, root);
4915 if (!qgroup) {
4916 ret = -ENOENT;
4917 goto out;
4918 }
4919
4920 ret = 0;
4921 qgroup_iterator_add(&qgroup_list, qgroup);
4922 list_for_each_entry(qg, &qgroup_list, iterator) {
4923 struct btrfs_qgroup_list *glist;
4924
4925 qg->excl += num_bytes * sign;
4926 qg->rfer += num_bytes * sign;
4927 qgroup_dirty(fs_info, qg);
4928
4929 list_for_each_entry(glist, &qg->groups, next_group)
4930 qgroup_iterator_add(&qgroup_list, glist->group);
4931 }
4932 qgroup_iterator_clean(&qgroup_list);
4933
4934out:
4935 spin_unlock(&fs_info->qgroup_lock);
4936 return ret;
4937}