72b8ab9dde
Because we can badly over-reserve metadata when we calculate worst-case, it complicates things for quota, since we must reserve and then claim later, retry on EDQUOT, etc. Quota is also a generally smaller pool than fs free blocks, so this over-reservation hurts more, and more often. I'm of the opinion that it's not the worst thing to allow metadata to push a user slightly over quota. This simplifies the code and avoids the false quota rejections that result from worst-case speculation. This patch stops the speculative quota-charging for worst-case metadata requirements, and just charges quota when the blocks are allocated at writeout. It also is able to remove the try-again loop on EDQUOT. This patch has been tested indirectly by running the xfstests suite with a hack to mount & enable quota prior to the test. I also did a more specific test of fragmenting freespace and then doing a large delalloc write under quota; quota stopped me at the right amount of file IO, and then the writeout generated enough metadata (due to the fragmentation) that it put me slightly over quota, as expected. Signed-off-by: Eric Sandeen <sandeen@redhat.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> |
||
---|---|---|
.. | ||
acl.c | ||
acl.h | ||
balloc.c | ||
bitmap.c | ||
block_validity.c | ||
dir.c | ||
ext4_extents.h | ||
ext4_jbd2.c | ||
ext4_jbd2.h | ||
ext4.h | ||
extents.c | ||
file.c | ||
fsync.c | ||
hash.c | ||
ialloc.c | ||
inode.c | ||
ioctl.c | ||
Kconfig | ||
Makefile | ||
mballoc.c | ||
mballoc.h | ||
migrate.c | ||
move_extent.c | ||
namei.c | ||
resize.c | ||
super.c | ||
symlink.c | ||
xattr_security.c | ||
xattr_trusted.c | ||
xattr_user.c | ||
xattr.c | ||
xattr.h |