Bug 593045 - 'Add SQLite file size quota management to mozStorage'. r=ted+asuth, a=blocking2.0+.
authorBen Turner <bent.mozilla@gmail.com>
Fri, 03 Sep 2010 07:41:55 -0700
changeset 51972 06f2a47a936f9e05f8a0ebeea40e72f03bd01c3e
parent 51971 13ed98765436d6b3f8254b8b17a625fbcd467ab0
child 51973 950423fb89c8e47ce5de2b125a35ccc3dd5ac250
push idunknown
push userunknown
push dateunknown
reviewersted, blocking2.0
bugs593045
milestone2.0b6pre
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 593045 - 'Add SQLite file size quota management to mozStorage'. r=ted+asuth, a=blocking2.0+.
db/sqlite3/README.MOZILLA
db/sqlite3/src/test_quota.c
storage/public/Makefile.in
storage/public/mozIStorageServiceQuotaManagement.idl
storage/public/storage.h
storage/src/Makefile.in
storage/src/mozStorageConnection.cpp
storage/src/mozStorageConnection.h
storage/src/mozStorageService.cpp
storage/src/mozStorageService.h
--- a/db/sqlite3/README.MOZILLA
+++ b/db/sqlite3/README.MOZILLA
@@ -6,11 +6,20 @@ See http://www.sqlite.org/ for more info
 
 We have a mozilla-specific Makefile.in in src/ (normally no
 Makefile.in there) that we use to build.
 
 To move to a new version:
 
 Simply copy the sqlite3.h and sqlite3.c files from the amalgamation of sqlite.
 
+Also copy test_quota.c from the full source package.
+
 Be sure to update SQLITE_VERSION accordingly in $(topsrcdir)/configure.in.
 
 -- Shawn Wilsher <me@shawnwilsher.com> 01/2008
+
+We are using an experimental quota management feature included in test_quota.c.
+This file is not compiled into mozsqlite, but instead included directly into
+mozStorageService.cpp for linking into mozstorage. This allows us to continue
+supporting system sqlite installations.
+
+-- Ben Turner <bent.mozilla@gmail.com>, 09/2010
new file mode 100644
--- /dev/null
+++ b/db/sqlite3/src/test_quota.c
@@ -0,0 +1,938 @@
+/*
+** 2010 September 31
+**
+** The author disclaims copyright to this source code.  In place of
+** a legal notice, here is a blessing:
+**
+**    May you do good and not evil.
+**    May you find forgiveness for yourself and forgive others.
+**    May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains a VFS "shim" - a layer that sits in between the
+** pager and the real VFS.
+**
+** This particular shim enforces a quota system on files.  One or more
+** database files are in a "quota group" that is defined by a GLOB
+** pattern.  A quota is set for the combined size of all files in the
+** the group.  A quota of zero means "no limit".  If the total size
+** of all files in the quota group is greater than the limit, then
+** write requests that attempt to enlarge a file fail with SQLITE_FULL.
+**
+** However, before returning SQLITE_FULL, the write requests invoke
+** a callback function that is configurable for each quota group.
+** This callback has the opportunity to enlarge the quota.  If the
+** callback does enlarge the quota such that the total size of all
+** files within the group is less than the new quota, then the write
+** continues as if nothing had happened.
+*/
+#include "sqlite3.h"
+#include <string.h>
+#include <assert.h>
+
+/************************ Object Definitions ******************************/
+
+/* Forward declaration of all object types */
+typedef struct quotaGroup quotaGroup;
+typedef struct quotaConn quotaConn;
+typedef struct quotaFile quotaFile;
+
+/*
+** A "quota group" is a collection of files whose collective size we want
+** to limit.  Each quota group is defined by a GLOB pattern.
+**
+** There is an instance of the following object for each defined quota
+** group.  This object records the GLOB pattern that defines which files
+** belong to the quota group.  The object also remembers the size limit
+** for the group (the quota) and the callback to be invoked when the
+** sum of the sizes of the files within the group goes over the limit.
+**
+** A quota group must be established (using sqlite3_quota_set(...))
+** prior to opening any of the database connections that access files
+** within the quota group.
+*/
+struct quotaGroup {
+  const char *zPattern;          /* Filename pattern to be quotaed */
+  sqlite3_int64 iLimit;          /* Upper bound on total file size */
+  sqlite3_int64 iSize;           /* Current size of all files */
+  void (*xCallback)(             /* Callback invoked when going over quota */
+     const char *zFilename,         /* Name of file whose size increases */
+     sqlite3_int64 *piLimit,        /* IN/OUT: The current limit */
+     sqlite3_int64 iSize,           /* Total size of all files in the group */
+     void *pArg                     /* Client data */
+  );
+  void *pArg;                    /* Third argument to the xCallback() */
+  void (*xDestroy)(void*);       /* Optional destructor for pArg */
+  quotaGroup *pNext, **ppPrev;   /* Doubly linked list of all quota objects */
+  quotaFile *pFiles;             /* Files within this group */
+};
+
+/*
+** An instance of this structure represents a single file that is part
+** of a quota group.  A single file can be opened multiple times.  In
+** order keep multiple openings of the same file from causing the size
+** of the file to count against the quota multiple times, each file
+** has a unique instance of this object and multiple open connections
+** to the same file each point to a single instance of this object.
+*/
+struct quotaFile {
+  char *zFilename;                /* Name of this file */
+  quotaGroup *pGroup;             /* Quota group to which this file belongs */
+  sqlite3_int64 iSize;            /* Current size of this file */
+  int nRef;                       /* Number of times this file is open */
+  quotaFile *pNext, **ppPrev;     /* Linked list of files in the same group */
+};
+
+/*
+** An instance of the following object represents each open connection
+** to a file that participates in quota tracking.  This object is a 
+** subclass of sqlite3_file.  The sqlite3_file object for the underlying
+** VFS is appended to this structure.
+*/
+struct quotaConn {
+  sqlite3_file base;              /* Base class - must be first */
+  quotaFile *pFile;               /* The underlying file */
+  /* The underlying VFS sqlite3_file is appended to this object */
+};
+
+/************************* Global Variables **********************************/
+/*
+** All global variables used by this file are containing within the following
+** gQuota structure.
+*/
+static struct {
+  /* The pOrigVfs is the real, original underlying VFS implementation.
+  ** Most operations pass-through to the real VFS.  This value is read-only
+  ** during operation.  It is only modified at start-time and thus does not
+  ** require a mutex.
+  */
+  sqlite3_vfs *pOrigVfs;
+
+  /* The sThisVfs is the VFS structure used by this shim.  It is initialized
+  ** at start-time and thus does not require a mutex
+  */
+  sqlite3_vfs sThisVfs;
+
+  /* The sIoMethods defines the methods used by sqlite3_file objects 
+  ** associated with this shim.  It is initialized at start-time and does
+  ** not require a mutex.
+  **
+  ** When the underlying VFS is called to open a file, it might return 
+  ** either a version 1 or a version 2 sqlite3_file object.  This shim
+  ** has to create a wrapper sqlite3_file of the same version.  Hence
+  ** there are two I/O method structures, one for version 1 and the other
+  ** for version 2.
+  */
+  sqlite3_io_methods sIoMethodsV1;
+  sqlite3_io_methods sIoMethodsV2;
+
+  /* True when this shim as been initialized.
+  */
+  int isInitialized;
+
+  /* For run-time access any of the other global data structures in this
+  ** shim, the following mutex must be held.
+  */
+  sqlite3_mutex *pMutex;
+
+  /* List of quotaGroup objects.
+  */
+  quotaGroup *pGroup;
+
+} gQuota;
+
+/************************* Utility Routines *********************************/
+/*
+** Acquire and release the mutex used to serialize access to the
+** list of quotaGroups.
+*/
+static void quotaEnter(void){ sqlite3_mutex_enter(gQuota.pMutex); }
+static void quotaLeave(void){ sqlite3_mutex_leave(gQuota.pMutex); }
+
+
+/* If the reference count and threshold for a quotaGroup are both
+** zero, then destroy the quotaGroup.
+*/
+static void quotaGroupDeref(quotaGroup *pGroup){
+  if( pGroup->pFiles==0 && pGroup->iLimit==0 ){
+    *pGroup->ppPrev = pGroup->pNext;
+    if( pGroup->pNext ) pGroup->pNext->ppPrev = pGroup->ppPrev;
+    if( pGroup->xDestroy ) pGroup->xDestroy(pGroup->pArg);
+    sqlite3_free(pGroup);
+  }
+}
+
+/*
+** Return TRUE if string z matches glob pattern zGlob.
+**
+** Globbing rules:
+**
+**      '*'       Matches any sequence of zero or more characters.
+**
+**      '?'       Matches exactly one character.
+**
+**     [...]      Matches one character from the enclosed list of
+**                characters.
+**
+**     [^...]     Matches one character not in the enclosed list.
+**
+*/
+static int quotaStrglob(const char *zGlob, const char *z){
+  int c, c2;
+  int invert;
+  int seen;
+
+  while( (c = (*(zGlob++)))!=0 ){
+    if( c=='*' ){
+      while( (c=(*(zGlob++))) == '*' || c=='?' ){
+        if( c=='?' && (*(z++))==0 ) return 0;
+      }
+      if( c==0 ){
+        return 1;
+      }else if( c=='[' ){
+        while( *z && quotaStrglob(zGlob-1,z)==0 ){
+          z++;
+        }
+        return (*z)!=0;
+      }
+      while( (c2 = (*(z++)))!=0 ){
+        while( c2!=c ){
+          c2 = *(z++);
+          if( c2==0 ) return 0;
+        }
+        if( quotaStrglob(zGlob,z) ) return 1;
+      }
+      return 0;
+    }else if( c=='?' ){
+      if( (*(z++))==0 ) return 0;
+    }else if( c=='[' ){
+      int prior_c = 0;
+      seen = 0;
+      invert = 0;
+      c = *(z++);
+      if( c==0 ) return 0;
+      c2 = *(zGlob++);
+      if( c2=='^' ){
+        invert = 1;
+        c2 = *(zGlob++);
+      }
+      if( c2==']' ){
+        if( c==']' ) seen = 1;
+        c2 = *(zGlob++);
+      }
+      while( c2 && c2!=']' ){
+        if( c2=='-' && zGlob[0]!=']' && zGlob[0]!=0 && prior_c>0 ){
+          c2 = *(zGlob++);
+          if( c>=prior_c && c<=c2 ) seen = 1;
+          prior_c = 0;
+        }else{
+          if( c==c2 ){
+            seen = 1;
+          }
+          prior_c = c2;
+        }
+        c2 = *(zGlob++);
+      }
+      if( c2==0 || (seen ^ invert)==0 ) return 0;
+    }else{
+      if( c!=(*(z++)) ) return 0;
+    }
+  }
+  return *z==0;
+}
+
+
+/* Find a quotaGroup given the filename.
+**
+** Return a pointer to the quotaGroup object. Return NULL if not found.
+*/
+static quotaGroup *quotaGroupFind(const char *zFilename){
+  quotaGroup *p;
+  for(p=gQuota.pGroup; p && quotaStrglob(p->zPattern, zFilename)==0;
+      p=p->pNext){}
+  return p;
+}
+
+/* Translate an sqlite3_file* that is really a quotaConn* into
+** the sqlite3_file* for the underlying original VFS.
+*/
+static sqlite3_file *quotaSubOpen(sqlite3_file *pConn){
+  quotaConn *p = (quotaConn*)pConn;
+  return (sqlite3_file*)&p[1];
+}
+
+/************************* VFS Method Wrappers *****************************/
+/*
+** This is the xOpen method used for the "quota" VFS.
+**
+** Most of the work is done by the underlying original VFS.  This method
+** simply links the new file into the appropriate quota group if it is a
+** file that needs to be tracked.
+*/
+static int quotaOpen(
+  sqlite3_vfs *pVfs,          /* The quota VFS */
+  const char *zName,          /* Name of file to be opened */
+  sqlite3_file *pConn,        /* Fill in this file descriptor */
+  int flags,                  /* Flags to control the opening */
+  int *pOutFlags              /* Flags showing results of opening */
+){
+  int rc;                                    /* Result code */         
+  quotaConn *pQuotaOpen;                     /* The new quota file descriptor */
+  quotaFile *pFile;                          /* Corresponding quotaFile obj */
+  quotaGroup *pGroup;                        /* The group file belongs to */
+  sqlite3_file *pSubOpen;                    /* Real file descriptor */
+  sqlite3_vfs *pOrigVfs = gQuota.pOrigVfs;   /* Real VFS */
+
+  /* If the file is not a main database file or a WAL, then use the
+  ** normal xOpen method.
+  */
+  if( (flags & (SQLITE_OPEN_MAIN_DB|SQLITE_OPEN_WAL))==0 ){
+    return pOrigVfs->xOpen(pOrigVfs, zName, pConn, flags, pOutFlags);
+  }
+
+  /* If the name of the file does not match any quota group, then
+  ** use the normal xOpen method.
+  */
+  quotaEnter();
+  pGroup = quotaGroupFind(zName);
+  if( pGroup==0 ){
+    rc = pOrigVfs->xOpen(pOrigVfs, zName, pConn, flags, pOutFlags);
+  }else{
+    /* If we get to this point, it means the file needs to be quota tracked.
+    */
+    pQuotaOpen = (quotaConn*)pConn;
+    pSubOpen = quotaSubOpen(pConn);
+    rc = pOrigVfs->xOpen(pOrigVfs, zName, pSubOpen, flags, pOutFlags);
+    if( rc==SQLITE_OK ){
+      for(pFile=pGroup->pFiles; pFile && strcmp(pFile->zFilename, zName);
+          pFile=pFile->pNext){}
+      if( pFile==0 ){
+        int nName = strlen(zName);
+        pFile = (quotaFile *)sqlite3_malloc( sizeof(*pFile) + nName + 1 );
+        if( pFile==0 ){
+          quotaLeave();
+          pSubOpen->pMethods->xClose(pSubOpen);
+          return SQLITE_NOMEM;
+        }
+        memset(pFile, 0, sizeof(*pFile));
+        pFile->zFilename = (char*)&pFile[1];
+        memcpy(pFile->zFilename, zName, nName+1);
+        pFile->pNext = pGroup->pFiles;
+        if( pGroup->pFiles ) pGroup->pFiles->ppPrev = &pFile->pNext;
+        pFile->ppPrev = &pGroup->pFiles;
+        pGroup->pFiles = pFile;
+        pFile->pGroup = pGroup;
+      }
+      pFile->nRef++;
+      pQuotaOpen->pFile = pFile;
+      if( pSubOpen->pMethods->iVersion==1 ){
+        pQuotaOpen->base.pMethods = &gQuota.sIoMethodsV1;
+      }else{
+        pQuotaOpen->base.pMethods = &gQuota.sIoMethodsV2;
+      }
+    }
+  }
+  quotaLeave();
+  return rc;
+}
+
+/************************ I/O Method Wrappers *******************************/
+
+/* xClose requests get passed through to the original VFS.  But we
+** also have to unlink the quotaConn from the quotaFile and quotaGroup.
+** The quotaFile and/or quotaGroup are freed if they are no longer in use.
+*/
+static int quotaClose(sqlite3_file *pConn){
+  quotaConn *p = (quotaConn*)pConn;
+  quotaFile *pFile = p->pFile;
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  int rc;
+  rc = pSubOpen->pMethods->xClose(pSubOpen);
+  quotaEnter();
+  pFile->nRef--;
+  if( pFile->nRef==0 ){
+    quotaGroup *pGroup = pFile->pGroup;
+    pGroup->iSize -= pFile->iSize;
+    if( pFile->pNext ) pFile->pNext->ppPrev = pFile->ppPrev;
+    *pFile->ppPrev = pFile->pNext;
+    quotaGroupDeref(pGroup);
+    sqlite3_free(pFile);
+  }
+  quotaLeave();
+  return rc;
+}
+
+/* Pass xRead requests directory thru to the original VFS without
+** further processing.
+*/
+static int quotaRead(
+  sqlite3_file *pConn,
+  void *pBuf,
+  int iAmt,
+  sqlite3_int64 iOfst
+){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xRead(pSubOpen, pBuf, iAmt, iOfst);
+}
+
+/* Check xWrite requests to see if they expand the file.  If they do,
+** the perform a quota check before passing them through to the
+** original VFS.
+*/
+static int quotaWrite(
+  sqlite3_file *pConn,
+  const void *pBuf,
+  int iAmt,
+  sqlite3_int64 iOfst
+){
+  quotaConn *p = (quotaConn*)pConn;
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  sqlite3_int64 iEnd = iOfst+iAmt;
+  quotaGroup *pGroup;
+  quotaFile *pFile = p->pFile;
+  sqlite3_int64 szNew;
+
+  if( pFile->iSize<iEnd ){
+    pGroup = pFile->pGroup;
+    quotaEnter();
+    szNew = pGroup->iSize - pFile->iSize + iEnd;
+    if( szNew>pGroup->iLimit && pGroup->iLimit>0 ){
+      if( pGroup->xCallback ){
+        pGroup->xCallback(pFile->zFilename, &pGroup->iLimit, szNew, 
+                          pGroup->pArg);
+      }
+      if( szNew>pGroup->iLimit && pGroup->iLimit>0 ){
+        quotaLeave();
+        return SQLITE_FULL;
+      }
+    }
+    pGroup->iSize = szNew;
+    pFile->iSize = iEnd;
+    quotaLeave();
+  }
+  return pSubOpen->pMethods->xWrite(pSubOpen, pBuf, iAmt, iOfst);
+}
+
+/* Pass xTruncate requests thru to the original VFS.  If the
+** success, update the file size.
+*/
+static int quotaTruncate(sqlite3_file *pConn, sqlite3_int64 size){
+  quotaConn *p = (quotaConn*)pConn;
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  int rc = pSubOpen->pMethods->xTruncate(pSubOpen, size);
+  quotaFile *pFile = p->pFile;
+  quotaGroup *pGroup;
+  if( rc==SQLITE_OK ){
+    quotaEnter();
+    pGroup = pFile->pGroup;
+    pGroup->iSize -= pFile->iSize;
+    pFile->iSize = size;
+    pGroup->iSize += size;
+    quotaLeave();
+  }
+  return rc;
+}
+
+/* Pass xSync requests through to the original VFS without change
+*/
+static int quotaSync(sqlite3_file *pConn, int flags){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xSync(pSubOpen, flags);
+}
+
+/* Pass xFileSize requests through to the original VFS but then
+** update the quotaGroup with the new size before returning.
+*/
+static int quotaFileSize(sqlite3_file *pConn, sqlite3_int64 *pSize){
+  quotaConn *p = (quotaConn*)pConn;
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  quotaFile *pFile = p->pFile;
+  quotaGroup *pGroup;
+  sqlite3_int64 sz;
+  int rc;
+
+  rc = pSubOpen->pMethods->xFileSize(pSubOpen, &sz);
+  if( rc==SQLITE_OK ){
+    quotaEnter();
+    pGroup = pFile->pGroup;
+    pGroup->iSize -= pFile->iSize;
+    pFile->iSize = sz;
+    pGroup->iSize += sz;
+    quotaLeave();
+    *pSize = sz;
+  }
+  return rc;
+}
+
+/* Pass xLock requests through to the original VFS unchanged.
+*/
+static int quotaLock(sqlite3_file *pConn, int lock){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xLock(pSubOpen, lock);
+}
+
+/* Pass xUnlock requests through to the original VFS unchanged.
+*/
+static int quotaUnlock(sqlite3_file *pConn, int lock){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xUnlock(pSubOpen, lock);
+}
+
+/* Pass xCheckReservedLock requests through to the original VFS unchanged.
+*/
+static int quotaCheckReservedLock(sqlite3_file *pConn, int *pResOut){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xCheckReservedLock(pSubOpen, pResOut);
+}
+
+/* Pass xFileControl requests through to the original VFS unchanged.
+*/
+static int quotaFileControl(sqlite3_file *pConn, int op, void *pArg){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xFileControl(pSubOpen, op, pArg);
+}
+
+/* Pass xSectorSize requests through to the original VFS unchanged.
+*/
+static int quotaSectorSize(sqlite3_file *pConn){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xSectorSize(pSubOpen);
+}
+
+/* Pass xDeviceCharacteristics requests through to the original VFS unchanged.
+*/
+static int quotaDeviceCharacteristics(sqlite3_file *pConn){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xDeviceCharacteristics(pSubOpen);
+}
+
+/* Pass xShmMap requests through to the original VFS unchanged.
+*/
+static int quotaShmMap(
+  sqlite3_file *pConn,            /* Handle open on database file */
+  int iRegion,                    /* Region to retrieve */
+  int szRegion,                   /* Size of regions */
+  int bExtend,                    /* True to extend file if necessary */
+  void volatile **pp              /* OUT: Mapped memory */
+){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xShmMap(pSubOpen, iRegion, szRegion, bExtend, pp);
+}
+
+/* Pass xShmLock requests through to the original VFS unchanged.
+*/
+static int quotaShmLock(
+  sqlite3_file *pConn,       /* Database file holding the shared memory */
+  int ofst,                  /* First lock to acquire or release */
+  int n,                     /* Number of locks to acquire or release */
+  int flags                  /* What to do with the lock */
+){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xShmLock(pSubOpen, ofst, n, flags);
+}
+
+/* Pass xShmBarrier requests through to the original VFS unchanged.
+*/
+static void quotaShmBarrier(sqlite3_file *pConn){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  pSubOpen->pMethods->xShmBarrier(pSubOpen);
+}
+
+/* Pass xShmUnmap requests through to the original VFS unchanged.
+*/
+static int quotaShmUnmap(sqlite3_file *pConn, int deleteFlag){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xShmUnmap(pSubOpen, deleteFlag);
+}
+
+/************************** Public Interfaces *****************************/
+/*
+** Initialize the quota VFS shim.  Use the VFS named zOrigVfsName
+** as the VFS that does the actual work.  Use the default if
+** zOrigVfsName==NULL.  
+**
+** The quota VFS shim is named "quota".  It will become the default
+** VFS if makeDefault is non-zero.
+**
+** THIS ROUTINE IS NOT THREADSAFE.  Call this routine exactly once
+** during start-up.
+*/
+int sqlite3_quota_initialize(const char *zOrigVfsName, int makeDefault){
+  sqlite3_vfs *pOrigVfs;
+  if( gQuota.isInitialized ) return SQLITE_MISUSE;
+  pOrigVfs = sqlite3_vfs_find(zOrigVfsName);
+  if( pOrigVfs==0 ) return SQLITE_ERROR;
+  assert( pOrigVfs!=&gQuota.sThisVfs );
+  gQuota.pMutex = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST);
+  if( !gQuota.pMutex ){
+    return SQLITE_NOMEM;
+  }
+  gQuota.isInitialized = 1;
+  gQuota.pOrigVfs = pOrigVfs;
+  gQuota.sThisVfs = *pOrigVfs;
+  gQuota.sThisVfs.xOpen = quotaOpen;
+  gQuota.sThisVfs.szOsFile += sizeof(quotaConn);
+  gQuota.sThisVfs.zName = "quota";
+  gQuota.sIoMethodsV1.iVersion = 1;
+  gQuota.sIoMethodsV1.xClose = quotaClose;
+  gQuota.sIoMethodsV1.xRead = quotaRead;
+  gQuota.sIoMethodsV1.xWrite = quotaWrite;
+  gQuota.sIoMethodsV1.xTruncate = quotaTruncate;
+  gQuota.sIoMethodsV1.xSync = quotaSync;
+  gQuota.sIoMethodsV1.xFileSize = quotaFileSize;
+  gQuota.sIoMethodsV1.xLock = quotaLock;
+  gQuota.sIoMethodsV1.xUnlock = quotaUnlock;
+  gQuota.sIoMethodsV1.xCheckReservedLock = quotaCheckReservedLock;
+  gQuota.sIoMethodsV1.xFileControl = quotaFileControl;
+  gQuota.sIoMethodsV1.xSectorSize = quotaSectorSize;
+  gQuota.sIoMethodsV1.xDeviceCharacteristics = quotaDeviceCharacteristics;
+  gQuota.sIoMethodsV2 = gQuota.sIoMethodsV1;
+  gQuota.sIoMethodsV2.iVersion = 2;
+  gQuota.sIoMethodsV2.xShmMap = quotaShmMap;
+  gQuota.sIoMethodsV2.xShmLock = quotaShmLock;
+  gQuota.sIoMethodsV2.xShmBarrier = quotaShmBarrier;
+  gQuota.sIoMethodsV2.xShmUnmap = quotaShmUnmap;
+  sqlite3_vfs_register(&gQuota.sThisVfs, makeDefault);
+  return SQLITE_OK;
+}
+
+/*
+** Shutdown the quota system.
+**
+** All SQLite database connections must be closed before calling this
+** routine.
+**
+** THIS ROUTINE IS NOT THREADSAFE.  Call this routine exactly one while
+** shutting down in order to free all remaining quota groups.
+*/
+int sqlite3_quota_shutdown(void){
+  quotaGroup *pGroup;
+  if( gQuota.isInitialized==0 ) return SQLITE_MISUSE;
+  for(pGroup=gQuota.pGroup; pGroup; pGroup=pGroup->pNext){
+    if( pGroup->pFiles ) return SQLITE_MISUSE;
+  }
+  while( gQuota.pGroup ){
+    pGroup = gQuota.pGroup;
+    gQuota.pGroup = pGroup->pNext;
+    pGroup->iLimit = 0;
+    quotaGroupDeref(pGroup);
+  }
+  gQuota.isInitialized = 0;
+  sqlite3_mutex_free(gQuota.pMutex);
+  sqlite3_vfs_unregister(&gQuota.sThisVfs);
+  memset(&gQuota, 0, sizeof(gQuota));
+  return SQLITE_OK;
+}
+
+/*
+** Create or destroy a quota group.
+**
+** The quota group is defined by the zPattern.  When calling this routine
+** with a zPattern for a quota group that already exists, this routine
+** merely updates the iLimit, xCallback, and pArg values for that quota
+** group.  If zPattern is new, then a new quota group is created.
+**
+** If the iLimit for a quota group is set to zero, then the quota group
+** is disabled and will be deleted when the last database connection using
+** the quota group is closed.
+**
+** Calling this routine on a zPattern that does not exist and with a
+** zero iLimit is a no-op.
+**
+** A quota group must exist with a non-zero iLimit prior to opening
+** database connections if those connections are to participate in the
+** quota group.  Creating a quota group does not affect database connections
+** that are already open.
+*/
+int sqlite3_quota_set(
+  const char *zPattern,           /* The filename pattern */
+  sqlite3_int64 iLimit,           /* New quota to set for this quota group */
+  void (*xCallback)(              /* Callback invoked when going over quota */
+     const char *zFilename,         /* Name of file whose size increases */
+     sqlite3_int64 *piLimit,        /* IN/OUT: The current limit */
+     sqlite3_int64 iSize,           /* Total size of all files in the group */
+     void *pArg                     /* Client data */
+  ),
+  void *pArg,                     /* client data passed thru to callback */
+  void (*xDestroy)(void*)         /* Optional destructor for pArg */
+){
+  quotaGroup *pGroup;
+  quotaEnter();
+  pGroup = gQuota.pGroup;
+  while( pGroup && strcmp(pGroup->zPattern, zPattern)!=0 ){
+    pGroup = pGroup->pNext;
+  }
+  if( pGroup==0 ){
+    int nPattern = strlen(zPattern);
+    if( iLimit<=0 ){
+      quotaLeave();
+      return SQLITE_OK;
+    }
+    pGroup = (quotaGroup *)sqlite3_malloc( sizeof(*pGroup) + nPattern + 1 );
+    if( pGroup==0 ){
+      quotaLeave();
+      return SQLITE_NOMEM;
+    }
+    memset(pGroup, 0, sizeof(*pGroup));
+    pGroup->zPattern = (char*)&pGroup[1];
+    memcpy((char *)pGroup->zPattern, zPattern, nPattern+1);
+    if( gQuota.pGroup ) gQuota.pGroup->ppPrev = &pGroup->pNext;
+    pGroup->pNext = gQuota.pGroup;
+    pGroup->ppPrev = &gQuota.pGroup;
+    gQuota.pGroup = pGroup;
+  }
+  pGroup->iLimit = iLimit;
+  pGroup->xCallback = xCallback;
+  if( pGroup->xDestroy && pGroup->pArg!=pArg ){
+    pGroup->xDestroy(pGroup->pArg);
+  }
+  pGroup->pArg = pArg;
+  pGroup->xDestroy = xDestroy;
+  quotaGroupDeref(pGroup);
+  quotaLeave();
+  return SQLITE_OK;
+}
+
+  
+/***************************** Test Code ***********************************/
+#ifdef SQLITE_TEST
+#include <tcl.h>
+
+/*
+** Argument passed to a TCL quota-over-limit callback.
+*/
+typedef struct TclQuotaCallback TclQuotaCallback;
+struct TclQuotaCallback {
+  Tcl_Interp *interp;    /* Interpreter in which to run the script */
+  Tcl_Obj *pScript;      /* Script to be run */
+};
+
+extern const char *sqlite3TestErrorName(int);
+
+
+/*
+** This is the callback from a quota-over-limit.
+*/
+static void tclQuotaCallback(
+  const char *zFilename,          /* Name of file whose size increases */
+  sqlite3_int64 *piLimit,         /* IN/OUT: The current limit */
+  sqlite3_int64 iSize,            /* Total size of all files in the group */
+  void *pArg                      /* Client data */
+){
+  TclQuotaCallback *p;            /* Callback script object */
+  Tcl_Obj *pEval;                 /* Script to evaluate */
+  Tcl_Obj *pVarname;              /* Name of variable to pass as 2nd arg */
+  unsigned int rnd;               /* Random part of pVarname */
+  int rc;                         /* Tcl error code */
+
+  p = (TclQuotaCallback *)pArg;
+  if( p==0 ) return;
+
+  pVarname = Tcl_NewStringObj("::piLimit_", -1);
+  Tcl_IncrRefCount(pVarname);
+  sqlite3_randomness(sizeof(rnd), (void *)&rnd);
+  Tcl_AppendObjToObj(pVarname, Tcl_NewIntObj((int)(rnd&0x7FFFFFFF)));
+  Tcl_ObjSetVar2(p->interp, pVarname, 0, Tcl_NewWideIntObj(*piLimit), 0);
+
+  pEval = Tcl_DuplicateObj(p->pScript);
+  Tcl_IncrRefCount(pEval);
+  Tcl_ListObjAppendElement(0, pEval, Tcl_NewStringObj(zFilename, -1));
+  Tcl_ListObjAppendElement(0, pEval, pVarname);
+  Tcl_ListObjAppendElement(0, pEval, Tcl_NewWideIntObj(iSize));
+  rc = Tcl_EvalObjEx(p->interp, pEval, TCL_EVAL_GLOBAL);
+
+  if( rc==TCL_OK ){
+    Tcl_Obj *pLimit = Tcl_ObjGetVar2(p->interp, pVarname, 0, 0);
+    rc = Tcl_GetWideIntFromObj(p->interp, pLimit, piLimit);
+    Tcl_UnsetVar(p->interp, Tcl_GetString(pVarname), 0);
+  }
+
+  Tcl_DecrRefCount(pEval);
+  Tcl_DecrRefCount(pVarname);
+  if( rc!=TCL_OK ) Tcl_BackgroundError(p->interp);
+}
+
+/*
+** Destructor for a TCL quota-over-limit callback.
+*/
+static void tclCallbackDestructor(void *pObj){
+  TclQuotaCallback *p = (TclQuotaCallback*)pObj;
+  if( p ){
+    Tcl_DecrRefCount(p->pScript);
+    sqlite3_free((char *)p);
+  }
+}
+
+/*
+** tclcmd: sqlite3_quota_initialize NAME MAKEDEFAULT
+*/
+static int test_quota_initialize(
+  void * clientData,
+  Tcl_Interp *interp,
+  int objc,
+  Tcl_Obj *CONST objv[]
+){
+  const char *zName;              /* Name of new quota VFS */
+  int makeDefault;                /* True to make the new VFS the default */
+  int rc;                         /* Value returned by quota_initialize() */
+
+  /* Process arguments */
+  if( objc!=3 ){
+    Tcl_WrongNumArgs(interp, 1, objv, "NAME MAKEDEFAULT");
+    return TCL_ERROR;
+  }
+  zName = Tcl_GetString(objv[1]);
+  if( Tcl_GetBooleanFromObj(interp, objv[2], &makeDefault) ) return TCL_ERROR;
+  if( zName[0]=='\0' ) zName = 0;
+
+  /* Call sqlite3_quota_initialize() */
+  rc = sqlite3_quota_initialize(zName, makeDefault);
+  Tcl_SetResult(interp, (char *)sqlite3TestErrorName(rc), TCL_STATIC);
+
+  return TCL_OK;
+}
+
+/*
+** tclcmd: sqlite3_quota_shutdown
+*/
+static int test_quota_shutdown(
+  void * clientData,
+  Tcl_Interp *interp,
+  int objc,
+  Tcl_Obj *CONST objv[]
+){
+  int rc;                         /* Value returned by quota_shutdown() */
+
+  if( objc!=1 ){
+    Tcl_WrongNumArgs(interp, 1, objv, "");
+    return TCL_ERROR;
+  }
+
+  /* Call sqlite3_quota_shutdown() */
+  rc = sqlite3_quota_shutdown();
+  Tcl_SetResult(interp, (char *)sqlite3TestErrorName(rc), TCL_STATIC);
+
+  return TCL_OK;
+}
+
+/*
+** tclcmd: sqlite3_quota_set PATTERN LIMIT SCRIPT
+*/
+static int test_quota_set(
+  void * clientData,
+  Tcl_Interp *interp,
+  int objc,
+  Tcl_Obj *CONST objv[]
+){
+  const char *zPattern;           /* File pattern to configure */
+  sqlite3_int64 iLimit;           /* Initial quota in bytes */
+  Tcl_Obj *pScript;               /* Tcl script to invoke to increase quota */
+  int rc;                         /* Value returned by quota_set() */
+  TclQuotaCallback *p;            /* Callback object */
+  int nScript;                    /* Length of callback script */
+  void (*xDestroy)(void*);        /* Optional destructor for pArg */
+  void (*xCallback)(const char *, sqlite3_int64 *, sqlite3_int64, void *);
+
+  /* Process arguments */
+  if( objc!=4 ){
+    Tcl_WrongNumArgs(interp, 1, objv, "PATTERN LIMIT SCRIPT");
+    return TCL_ERROR;
+  }
+  zPattern = Tcl_GetString(objv[1]);
+  if( Tcl_GetWideIntFromObj(interp, objv[2], &iLimit) ) return TCL_ERROR;
+  pScript = objv[3];
+  Tcl_GetStringFromObj(pScript, &nScript);
+
+  if( nScript>0 ){
+    /* Allocate a TclQuotaCallback object */
+    p = (TclQuotaCallback *)sqlite3_malloc(sizeof(TclQuotaCallback));
+    if( !p ){
+      Tcl_SetResult(interp, (char *)"SQLITE_NOMEM", TCL_STATIC);
+      return TCL_OK;
+    }
+    memset(p, 0, sizeof(TclQuotaCallback));
+    p->interp = interp;
+    Tcl_IncrRefCount(pScript);
+    p->pScript = pScript;
+    xDestroy = tclCallbackDestructor;
+    xCallback = tclQuotaCallback;
+  }else{
+    p = 0;
+    xDestroy = 0;
+    xCallback = 0;
+  }
+
+  /* Invoke sqlite3_quota_set() */
+  rc = sqlite3_quota_set(zPattern, iLimit, xCallback, (void*)p, xDestroy);
+
+  Tcl_SetResult(interp, (char *)sqlite3TestErrorName(rc), TCL_STATIC);
+  return TCL_OK;
+}
+
+/*
+** tclcmd:  sqlite3_quota_dump
+*/
+static int test_quota_dump(
+  void * clientData,
+  Tcl_Interp *interp,
+  int objc,
+  Tcl_Obj *CONST objv[]
+){
+  Tcl_Obj *pResult;
+  Tcl_Obj *pGroupTerm;
+  Tcl_Obj *pFileTerm;
+  quotaGroup *pGroup;
+  quotaFile *pFile;
+
+  pResult = Tcl_NewObj();
+  quotaEnter();
+  for(pGroup=gQuota.pGroup; pGroup; pGroup=pGroup->pNext){
+    pGroupTerm = Tcl_NewObj();
+    Tcl_ListObjAppendElement(interp, pGroupTerm,
+          Tcl_NewStringObj(pGroup->zPattern, -1));
+    Tcl_ListObjAppendElement(interp, pGroupTerm,
+          Tcl_NewWideIntObj(pGroup->iLimit));
+    Tcl_ListObjAppendElement(interp, pGroupTerm,
+          Tcl_NewWideIntObj(pGroup->iSize));
+    for(pFile=pGroup->pFiles; pFile; pFile=pFile->pNext){
+      pFileTerm = Tcl_NewObj();
+      Tcl_ListObjAppendElement(interp, pFileTerm,
+            Tcl_NewStringObj(pFile->zFilename, -1));
+      Tcl_ListObjAppendElement(interp, pFileTerm,
+            Tcl_NewWideIntObj(pFile->iSize));
+      Tcl_ListObjAppendElement(interp, pFileTerm,
+            Tcl_NewWideIntObj(pFile->nRef));
+      Tcl_ListObjAppendElement(interp, pGroupTerm, pFileTerm);
+    }
+    Tcl_ListObjAppendElement(interp, pResult, pGroupTerm);
+  }
+  quotaLeave();
+  Tcl_SetObjResult(interp, pResult);
+  return TCL_OK;
+}
+
+/*
+** This routine registers the custom TCL commands defined in this
+** module.  This should be the only procedure visible from outside
+** of this module.
+*/
+int Sqlitequota_Init(Tcl_Interp *interp){
+  static struct {
+     char *zName;
+     Tcl_ObjCmdProc *xProc;
+  } aCmd[] = {
+    { "sqlite3_quota_initialize", test_quota_initialize },
+    { "sqlite3_quota_shutdown", test_quota_shutdown },
+    { "sqlite3_quota_set", test_quota_set },
+    { "sqlite3_quota_dump", test_quota_dump },
+  };
+  int i;
+
+  for(i=0; i<sizeof(aCmd)/sizeof(aCmd[0]); i++){
+    Tcl_CreateObjCommand(interp, aCmd[i].zName, aCmd[i].xProc, 0, 0);
+  }
+
+  return TCL_OK;
+}
+#endif
--- a/storage/public/Makefile.in
+++ b/storage/public/Makefile.in
@@ -62,16 +62,17 @@ XPIDLSRCS = \
   mozIStorageError.idl \
   mozIStorageStatementCallback.idl \
   mozIStoragePendingStatement.idl \
   mozIStorageBindingParamsArray.idl \
   mozIStorageBindingParams.idl \
   mozIStorageCompletionCallback.idl \
   mozIStorageBaseStatement.idl \
   mozIStorageAsyncStatement.idl \
+  mozIStorageServiceQuotaManagement.idl \
 	$(NULL)
 
 EXPORTS_NAMESPACES = mozilla
 
 EXPORTS = \
 	mozStorageHelper.h \
 	mozStorage.h \
 	$(NULL)
new file mode 100644
--- /dev/null
+++ b/storage/public/mozIStorageServiceQuotaManagement.idl
@@ -0,0 +1,113 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is Indexed Database.
+ *
+ * The Initial Developer of the Original Code is
+ * The Mozilla Foundation.
+ * Portions created by the Initial Developer are Copyright (C) 2010
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Ben Turner <bent.mozilla@gmail.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#include "nsISupports.idl"
+
+interface mozIStorageConnection;
+interface nsIFile;
+
+[scriptable, function, uuid(ae94f0a5-ebdf-48f4-9959-085e13235d8d)]
+interface mozIStorageQuotaCallback : nsISupports
+{
+  /**
+   * Called when the file size quota for a group of databases is exceeded.
+   *
+   * @param aFilename
+   *        The filename of the database that has exceeded the quota.
+   *
+   * @param aCurrentSizeLimit
+   *        The current size (in bytes) of the quota.
+   *
+   * @param aCurrentTotalSize
+   *        The current size of all databases in the quota group.
+   *
+   * @param aUserData
+   *        Any additional data that was provided to the
+   *        setQuotaForFilenamePattern function.
+   *
+   * @returns A new quota size. A new quota of 0 will disable the quota callback
+   *          and any quota value less than aCurrentTotalSize will cause the
+   *          database operation to fail with NS_ERROR_FILE_NO_DEVICE_SPACE.
+   */
+  long long quotaExceeded(in ACString aFilename,
+                          in long long aCurrentSizeLimit,
+                          in long long aCurrentTotalSize,
+                          in nsISupports aUserData);
+};
+
+/**
+ * This is a temporary interface that should eventually merge with
+ * mozIStorageService.
+ */
+[scriptable, uuid(11def472-446f-4635-a1d8-8856e85aac50)]
+interface mozIStorageServiceQuotaManagement : nsISupports
+{
+  /**
+   * See mozIStorageService.openDatabase. Exactly the same only with a custom
+   * SQLite VFS.
+   */
+  mozIStorageConnection openDatabaseWithVFS(in nsIFile aDatabaseFile,
+                                            in ACString aVFSName);
+
+  /**
+   * Set a file size quota for a group of databases matching the given filename
+   * pattern, optionally specifying a callback when the quota is exceeded.
+   *
+   * @param aPattern
+   *        A pattern to match filenames for inclusion in the quota system. May
+   *        contain the following special characters:
+   *          '*'    Matches any sequence of zero or more characters.
+   *          '?'    Matches exactly one character.
+   *          [...]  Matches one character from the enclosed list of characters.
+   *          [^...] Matches one character not in the enclosed list.
+   *
+   * @param aSizeLimit
+   *        The size limit (in bytes) for the quota group.
+   *
+   * @param aCallback
+   *        A callback that will be used when the quota is exceeded.
+   *
+   * @param aUserData
+   *        Additional information to be passed to the callback.
+   */
+  void setQuotaForFilenamePattern(in ACString aPattern,
+                                  in long long aSizeLimit,
+                                  in mozIStorageQuotaCallback aCallback,
+                                  in nsISupports aUserData);
+};
--- a/storage/public/storage.h
+++ b/storage/public/storage.h
@@ -52,16 +52,17 @@
 #include "mozIStorageProgressHandler.h"
 #include "mozIStorageResultSet.h"
 #include "mozIStorageRow.h"
 #include "mozIStorageService.h"
 #include "mozIStorageStatement.h"
 #include "mozIStorageStatementCallback.h"
 #include "mozIStorageBindingParamsArray.h"
 #include "mozIStorageBindingParams.h"
+#include "mozIStorageServiceQuotaManagement.h"
 
 ////////////////////////////////////////////////////////////////////////////////
 //// Native Language Helpers
 
 #include "mozStorageHelper.h"
 
 #include "mozilla/storage/Variant.h"
 
--- a/storage/src/Makefile.in
+++ b/storage/src/Makefile.in
@@ -78,15 +78,17 @@ CPPSRCS = \
   mozStorageAsyncStatement.cpp \
   mozStorageAsyncStatementJSHelper.cpp \
   mozStorageAsyncStatementParams.cpp \
   StorageBaseStatementInternal.cpp \
   SQLCollations.cpp \
   $(NULL)
 
 LOCAL_INCLUDES = \
-	$(SQLITE_CFLAGS)
+  $(SQLITE_CFLAGS) \
+  -I$(topsrcdir)/db/sqlite3/src \
+  $(NULL)
 
 # This is the default value.  If we ever change it when compiling sqlite, we
 # will need to change it here as well.
 DEFINES += -DSQLITE_MAX_LIKE_PATTERN_LENGTH=50000
 
 include $(topsrcdir)/config/rules.mk
--- a/storage/src/mozStorageConnection.cpp
+++ b/storage/src/mozStorageConnection.cpp
@@ -374,36 +374,37 @@ Connection::getAsyncExecutionTarget()
       return nsnull;
     }
   }
 
   return mAsyncExecutionThread;
 }
 
 nsresult
-Connection::initialize(nsIFile *aDatabaseFile)
+Connection::initialize(nsIFile *aDatabaseFile,
+                       const char* aVFSName)
 {
   NS_ASSERTION (!mDBConn, "Initialize called on already opened database!");
 
   int srv;
   nsresult rv;
 
   mDatabaseFile = aDatabaseFile;
 
   if (aDatabaseFile) {
     nsAutoString path;
     rv = aDatabaseFile->GetPath(path);
     NS_ENSURE_SUCCESS(rv, rv);
 
     srv = ::sqlite3_open_v2(NS_ConvertUTF16toUTF8(path).get(), &mDBConn, mFlags,
-                            NULL);
+                            aVFSName);
   }
   else {
     // in memory database requested, sqlite uses a magic file name
-    srv = ::sqlite3_open_v2(":memory:", &mDBConn, mFlags, NULL);
+    srv = ::sqlite3_open_v2(":memory:", &mDBConn, mFlags, aVFSName);
   }
   if (srv != SQLITE_OK) {
     mDBConn = nsnull;
     return convertResultCode(srv);
   }
 
   // Properly wrap the database handle's mutex.
   sharedDBMutex.initWithMutex(sqlite3_db_mutex(mDBConn));
--- a/storage/src/mozStorageConnection.h
+++ b/storage/src/mozStorageConnection.h
@@ -96,17 +96,18 @@ public:
   /**
    * Creates the connection to the database.
    *
    * @param aDatabaseFile
    *        The nsIFile of the location of the database to open, or create if it
    *        does not exist.  Passing in nsnull here creates an in-memory
    *        database.
    */
-  nsresult initialize(nsIFile *aDatabaseFile);
+  nsresult initialize(nsIFile *aDatabaseFile,
+                      const char* aVFSName = NULL);
 
   // fetch the native handle
   sqlite3 *GetNativeConnection() { return mDBConn; }
 
   /**
    * Lazily creates and returns a background execution thread.  In the future,
    * the thread may be re-claimed if left idle, so you should call this
    * method just before you dispatch and not save the reference.
--- a/storage/src/mozStorageService.cpp
+++ b/storage/src/mozStorageService.cpp
@@ -50,22 +50,78 @@
 #include "mozStoragePrivateHelpers.h"
 #include "nsILocale.h"
 #include "nsILocaleService.h"
 #include "nsIXPConnect.h"
 #include "nsIObserverService.h"
 #include "mozilla/Services.h"
 
 #include "sqlite3.h"
+#include "test_quota.c"
 
 #include "nsIPromptService.h"
 #include "nsIMemoryReporter.h"
 
 #include "mozilla/FunctionTimer.h"
 
+namespace {
+
+class QuotaCallbackData
+{
+public:
+  QuotaCallbackData(mozIStorageQuotaCallback *aCallback,
+                    nsISupports *aUserData)
+  : callback(aCallback), userData(aUserData)
+  {
+    MOZ_COUNT_CTOR(QuotaCallbackData);
+  }
+
+  ~QuotaCallbackData()
+  {
+    MOZ_COUNT_DTOR(QuotaCallbackData);
+  }
+
+  static void Callback(const char *zFilename,
+                       sqlite3_int64 *piLimit,
+                       sqlite3_int64 iSize,
+                       void *pArg)
+  {
+    NS_ASSERTION(zFilename && strlen(zFilename), "Null or empty filename!");
+    NS_ASSERTION(piLimit, "Null pointer!");
+
+    QuotaCallbackData *data = static_cast<QuotaCallbackData*>(pArg);
+    if (!data) {
+      // No callback specified, return immediately.
+      return;
+    }
+
+    NS_ASSERTION(data->callback, "Should never have a null callback!");
+
+    nsDependentCString filename(zFilename);
+
+    PRInt64 newLimit;
+    if (NS_SUCCEEDED(data->callback->QuotaExceeded(filename, *piLimit,
+                                                   iSize, data->userData,
+                                                   &newLimit))) {
+      *piLimit = newLimit;
+    }
+  }
+
+  static void Destroy(void *aUserData)
+  {
+    delete static_cast<QuotaCallbackData*>(aUserData);
+  }
+
+private:
+  nsCOMPtr<mozIStorageQuotaCallback> callback;
+  nsCOMPtr<nsISupports> userData;
+};
+
+} // anonymous namespace
+
 namespace mozilla {
 namespace storage {
 
 ////////////////////////////////////////////////////////////////////////////////
 //// Memory Reporting
 
 static PRInt64
 GetStorageSQLitePageCacheMemoryUsed(void *)
@@ -143,20 +199,21 @@ public:
 private:
   nsIObserver *mObserver;
   nsIXPConnect **mXPConnectPtr;
 };
 
 ////////////////////////////////////////////////////////////////////////////////
 //// Service
 
-NS_IMPL_THREADSAFE_ISUPPORTS2(
+NS_IMPL_THREADSAFE_ISUPPORTS3(
   Service,
   mozIStorageService,
-  nsIObserver
+  nsIObserver,
+  mozIStorageServiceQuotaManagement
 )
 
 Service *Service::gService = nsnull;
 
 Service *
 Service::getSingleton()
 {
   if (gService) {
@@ -213,17 +270,21 @@ Service::Service()
 : mMutex("Service::mMutex")
 {
 }
 
 Service::~Service()
 {
   // Shutdown the sqlite3 API.  Warn if shutdown did not turn out okay, but
   // there is nothing actionable we can do in that case.
-  int rc = ::sqlite3_shutdown();
+  int rc = ::sqlite3_quota_shutdown();
+  if (rc != SQLITE_OK)
+    NS_WARNING("sqlite3 did not shutdown cleanly.");
+
+  rc = ::sqlite3_shutdown();
   if (rc != SQLITE_OK)
     NS_WARNING("sqlite3 did not shutdown cleanly.");
 
   bool shutdownObserved = !sXPConnect;
   NS_ASSERTION(shutdownObserved, "Shutdown was not observed!");
 
   gService = nsnull;
 }
@@ -243,16 +304,20 @@ Service::initialize()
 
   // Explicitly initialize sqlite3.  Although this is implicitly called by
   // various sqlite3 functions (and the sqlite3_open calls in our case),
   // the documentation suggests calling this directly.  So we do.
   rc = ::sqlite3_initialize();
   if (rc != SQLITE_OK)
     return convertResultCode(rc);
 
+  rc = ::sqlite3_quota_initialize(NULL, 0);
+  if (rc != SQLITE_OK)
+    return convertResultCode(rc);
+
   // Run the things that need to run on the main thread there.
   nsCOMPtr<nsIRunnable> event =
     new ServiceMainThreadInitializer(this, &sXPConnect);
   if (event && ::NS_IsMainThread()) {
     (void)event->Run();
   }
   else {
     (void)::NS_DispatchToMainThread(event);
@@ -461,10 +526,64 @@ Service::BackupDatabaseFile(nsIFile *aDB
 NS_IMETHODIMP
 Service::Observe(nsISupports *, const char *aTopic, const PRUnichar *)
 {
   if (strcmp(aTopic, "xpcom-shutdown") == 0)
     shutdown();
   return NS_OK;
 }
 
+////////////////////////////////////////////////////////////////////////////////
+//// mozIStorageServiceQuotaManagement
+
+NS_IMETHODIMP
+Service::OpenDatabaseWithVFS(nsIFile *aDatabaseFile,
+                             const nsACString &aVFSName,
+                             mozIStorageConnection **_connection)
+{
+  NS_ENSURE_ARG(aDatabaseFile);
+
+#ifdef NS_FUNCTION_TIMER
+  nsCString leafname;
+  (void)aDatabaseFile->GetNativeLeafName(leafname);
+  NS_TIME_FUNCTION_FMT("mozIStorageService::OpenDatabaseWithVFS(%s)",
+                       leafname.get());
+#endif
+
+  // Always ensure that SQLITE_OPEN_CREATE is passed in for compatibility
+  // reasons.
+  int flags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_SHAREDCACHE |
+              SQLITE_OPEN_CREATE;
+  nsRefPtr<Connection> msc = new Connection(this, flags);
+  NS_ENSURE_TRUE(msc, NS_ERROR_OUT_OF_MEMORY);
+
+  nsresult rv = msc->initialize(aDatabaseFile,
+                                PromiseFlatCString(aVFSName).get());
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  NS_ADDREF(*_connection = msc);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+Service::SetQuotaForFilenamePattern(const nsACString &aPattern,
+                                    PRInt64 aSizeLimit,
+                                    mozIStorageQuotaCallback *aCallback,
+                                    nsISupports *aUserData)
+{
+  NS_ENSURE_FALSE(aPattern.IsEmpty(), NS_ERROR_INVALID_ARG);
+
+  nsAutoPtr<QuotaCallbackData> data;
+  if (aSizeLimit && aCallback) {
+    data = new QuotaCallbackData(aCallback, aUserData);
+  }
+
+  int rc = ::sqlite3_quota_set(PromiseFlatCString(aPattern).get(),
+                               aSizeLimit, QuotaCallbackData::Callback,
+                               data, QuotaCallbackData::Destroy);
+  NS_ENSURE_TRUE(rc == SQLITE_OK, convertResultCode(rc));
+
+  data.forget();
+  return NS_OK;
+}
+
 } // namespace storage
 } // namespace mozilla
--- a/storage/src/mozStorageService.h
+++ b/storage/src/mozStorageService.h
@@ -45,24 +45,26 @@
 
 #include "nsCOMPtr.h"
 #include "nsICollation.h"
 #include "nsIFile.h"
 #include "nsIObserver.h"
 #include "mozilla/Mutex.h"
 
 #include "mozIStorageService.h"
+#include "mozIStorageServiceQuotaManagement.h"
 
 class nsIXPConnect;
 
 namespace mozilla {
 namespace storage {
 
 class Service : public mozIStorageService
               , public nsIObserver
+              , public mozIStorageServiceQuotaManagement
 {
 public:
   /**
    * Initializes the service.  This must be called before any other function!
    */
   nsresult initialize();
 
   /**
@@ -82,16 +84,17 @@ public:
                            const nsAString &aStr2,
                            PRInt32 aComparisonStrength);
 
   static Service *getSingleton();
 
   NS_DECL_ISUPPORTS
   NS_DECL_MOZISTORAGESERVICE
   NS_DECL_NSIOBSERVER
+  NS_DECL_MOZISTORAGESERVICEQUOTAMANAGEMENT
 
   /**
    * Obtains an already AddRefed pointer to XPConnect.  This is used by
    * language helpers.
    */
   static already_AddRefed<nsIXPConnect> getXPConnect();
 
 private: