Bug 593045 - 'Add SQLite file size quota management to mozStorage'. r=ted+asuth, a=blocking2.0+.
authorBen Turner <bent.mozilla@gmail.com>
Fri, 03 Sep 2010 07:41:55 -0700
changeset 51972 06f2a47a936f9e05f8a0ebeea40e72f03bd01c3e
parent 51971 13ed98765436d6b3f8254b8b17a625fbcd467ab0
child 51973 950423fb89c8e47ce5de2b125a35ccc3dd5ac250
push idunknown
push userunknown
push dateunknown
reviewersted, blocking2.0
bugs593045
milestone2.0b6pre
Bug 593045 - 'Add SQLite file size quota management to mozStorage'. r=ted+asuth, a=blocking2.0+.
db/sqlite3/README.MOZILLA
db/sqlite3/src/test_quota.c
storage/public/Makefile.in
storage/public/mozIStorageServiceQuotaManagement.idl
storage/public/storage.h
storage/src/Makefile.in
storage/src/mozStorageConnection.cpp
storage/src/mozStorageConnection.h
storage/src/mozStorageService.cpp
storage/src/mozStorageService.h
--- a/db/sqlite3/README.MOZILLA
+++ b/db/sqlite3/README.MOZILLA
@@ -6,11 +6,20 @@ See http://www.sqlite.org/ for more info
 
 We have a mozilla-specific Makefile.in in src/ (normally no
 Makefile.in there) that we use to build.
 
 To move to a new version:
 
 Simply copy the sqlite3.h and sqlite3.c files from the amalgamation of sqlite.
 
+Also copy test_quota.c from the full source package.
+
 Be sure to update SQLITE_VERSION accordingly in $(topsrcdir)/configure.in.
 
 -- Shawn Wilsher <me@shawnwilsher.com> 01/2008
+
+We are using an experimental quota management feature included in test_quota.c.
+This file is not compiled into mozsqlite, but instead included directly into
+mozStorageService.cpp for linking into mozstorage. This allows us to continue
+supporting system sqlite installations.
+
+-- Ben Turner <bent.mozilla@gmail.com>, 09/2010
new file mode 100644
--- /dev/null
+++ b/db/sqlite3/src/test_quota.c
@@ -0,0 +1,938 @@
+/*
+** 2010 September 31
+**
+** The author disclaims copyright to this source code.  In place of
+** a legal notice, here is a blessing:
+**
+**    May you do good and not evil.
+**    May you find forgiveness for yourself and forgive others.
+**    May you share freely, never taking more than you give.
+**
+*************************************************************************
+**
+** This file contains a VFS "shim" - a layer that sits in between the
+** pager and the real VFS.
+**
+** This particular shim enforces a quota system on files.  One or more
+** database files are in a "quota group" that is defined by a GLOB
+** pattern.  A quota is set for the combined size of all files in the
+** the group.  A quota of zero means "no limit".  If the total size
+** of all files in the quota group is greater than the limit, then
+** write requests that attempt to enlarge a file fail with SQLITE_FULL.
+**
+** However, before returning SQLITE_FULL, the write requests invoke
+** a callback function that is configurable for each quota group.
+** This callback has the opportunity to enlarge the quota.  If the
+** callback does enlarge the quota such that the total size of all
+** files within the group is less than the new quota, then the write
+** continues as if nothing had happened.
+*/
+#include "sqlite3.h"
+#include <string.h>
+#include <assert.h>
+
+/************************ Object Definitions ******************************/
+
+/* Forward declaration of all object types */
+typedef struct quotaGroup quotaGroup;
+typedef struct quotaConn quotaConn;
+typedef struct quotaFile quotaFile;
+
+/*
+** A "quota group" is a collection of files whose collective size we want
+** to limit.  Each quota group is defined by a GLOB pattern.
+**
+** There is an instance of the following object for each defined quota
+** group.  This object records the GLOB pattern that defines which files
+** belong to the quota group.  The object also remembers the size limit
+** for the group (the quota) and the callback to be invoked when the
+** sum of the sizes of the files within the group goes over the limit.
+**
+** A quota group must be established (using sqlite3_quota_set(...))
+** prior to opening any of the database connections that access files
+** within the quota group.
+*/
+struct quotaGroup {
+  const char *zPattern;          /* Filename pattern to be quotaed */
+  sqlite3_int64 iLimit;          /* Upper bound on total file size */
+  sqlite3_int64 iSize;           /* Current size of all files */
+  void (*xCallback)(             /* Callback invoked when going over quota */
+     const char *zFilename,         /* Name of file whose size increases */
+     sqlite3_int64 *piLimit,        /* IN/OUT: The current limit */
+     sqlite3_int64 iSize,           /* Total size of all files in the group */
+     void *pArg                     /* Client data */
+  );
+  void *pArg;                    /* Third argument to the xCallback() */
+  void (*xDestroy)(void*);       /* Optional destructor for pArg */
+  quotaGroup *pNext, **ppPrev;   /* Doubly linked list of all quota objects */
+  quotaFile *pFiles;             /* Files within this group */
+};
+
+/*
+** An instance of this structure represents a single file that is part
+** of a quota group.  A single file can be opened multiple times.  In
+** order keep multiple openings of the same file from causing the size
+** of the file to count against the quota multiple times, each file
+** has a unique instance of this object and multiple open connections
+** to the same file each point to a single instance of this object.
+*/
+struct quotaFile {
+  char *zFilename;                /* Name of this file */
+  quotaGroup *pGroup;             /* Quota group to which this file belongs */
+  sqlite3_int64 iSize;            /* Current size of this file */
+  int nRef;                       /* Number of times this file is open */
+  quotaFile *pNext, **ppPrev;     /* Linked list of files in the same group */
+};
+
+/*
+** An instance of the following object represents each open connection
+** to a file that participates in quota tracking.  This object is a 
+** subclass of sqlite3_file.  The sqlite3_file object for the underlying
+** VFS is appended to this structure.
+*/
+struct quotaConn {
+  sqlite3_file base;              /* Base class - must be first */
+  quotaFile *pFile;               /* The underlying file */
+  /* The underlying VFS sqlite3_file is appended to this object */
+};
+
+/************************* Global Variables **********************************/
+/*
+** All global variables used by this file are containing within the following
+** gQuota structure.
+*/
+static struct {
+  /* The pOrigVfs is the real, original underlying VFS implementation.
+  ** Most operations pass-through to the real VFS.  This value is read-only
+  ** during operation.  It is only modified at start-time and thus does not
+  ** require a mutex.
+  */
+  sqlite3_vfs *pOrigVfs;
+
+  /* The sThisVfs is the VFS structure used by this shim.  It is initialized
+  ** at start-time and thus does not require a mutex
+  */
+  sqlite3_vfs sThisVfs;
+
+  /* The sIoMethods defines the methods used by sqlite3_file objects 
+  ** associated with this shim.  It is initialized at start-time and does
+  ** not require a mutex.
+  **
+  ** When the underlying VFS is called to open a file, it might return 
+  ** either a version 1 or a version 2 sqlite3_file object.  This shim
+  ** has to create a wrapper sqlite3_file of the same version.  Hence
+  ** there are two I/O method structures, one for version 1 and the other
+  ** for version 2.
+  */
+  sqlite3_io_methods sIoMethodsV1;
+  sqlite3_io_methods sIoMethodsV2;
+
+  /* True when this shim as been initialized.
+  */
+  int isInitialized;
+
+  /* For run-time access any of the other global data structures in this
+  ** shim, the following mutex must be held.
+  */
+  sqlite3_mutex *pMutex;
+
+  /* List of quotaGroup objects.
+  */
+  quotaGroup *pGroup;
+
+} gQuota;
+
+/************************* Utility Routines *********************************/
+/*
+** Acquire and release the mutex used to serialize access to the
+** list of quotaGroups.
+*/
+static void quotaEnter(void){ sqlite3_mutex_enter(gQuota.pMutex); }
+static void quotaLeave(void){ sqlite3_mutex_leave(gQuota.pMutex); }
+
+
+/* If the reference count and threshold for a quotaGroup are both
+** zero, then destroy the quotaGroup.
+*/
+static void quotaGroupDeref(quotaGroup *pGroup){
+  if( pGroup->pFiles==0 && pGroup->iLimit==0 ){
+    *pGroup->ppPrev = pGroup->pNext;
+    if( pGroup->pNext ) pGroup->pNext->ppPrev = pGroup->ppPrev;
+    if( pGroup->xDestroy ) pGroup->xDestroy(pGroup->pArg);
+    sqlite3_free(pGroup);
+  }
+}
+
+/*
+** Return TRUE if string z matches glob pattern zGlob.
+**
+** Globbing rules:
+**
+**      '*'       Matches any sequence of zero or more characters.
+**
+**      '?'       Matches exactly one character.
+**
+**     [...]      Matches one character from the enclosed list of
+**                characters.
+**
+**     [^...]     Matches one character not in the enclosed list.
+**
+*/
+static int quotaStrglob(const char *zGlob, const char *z){
+  int c, c2;
+  int invert;
+  int seen;
+
+  while( (c = (*(zGlob++)))!=0 ){
+    if( c=='*' ){
+      while( (c=(*(zGlob++))) == '*' || c=='?' ){
+        if( c=='?' && (*(z++))==0 ) return 0;
+      }
+      if( c==0 ){
+        return 1;
+      }else if( c=='[' ){
+        while( *z && quotaStrglob(zGlob-1,z)==0 ){
+          z++;
+        }
+        return (*z)!=0;
+      }
+      while( (c2 = (*(z++)))!=0 ){
+        while( c2!=c ){
+          c2 = *(z++);
+          if( c2==0 ) return 0;
+        }
+        if( quotaStrglob(zGlob,z) ) return 1;
+      }
+      return 0;
+    }else if( c=='?' ){
+      if( (*(z++))==0 ) return 0;
+    }else if( c=='[' ){
+      int prior_c = 0;
+      seen = 0;
+      invert = 0;
+      c = *(z++);
+      if( c==0 ) return 0;
+      c2 = *(zGlob++);
+      if( c2=='^' ){
+        invert = 1;
+        c2 = *(zGlob++);
+      }
+      if( c2==']' ){
+        if( c==']' ) seen = 1;
+        c2 = *(zGlob++);
+      }
+      while( c2 && c2!=']' ){
+        if( c2=='-' && zGlob[0]!=']' && zGlob[0]!=0 && prior_c>0 ){
+          c2 = *(zGlob++);
+          if( c>=prior_c && c<=c2 ) seen = 1;
+          prior_c = 0;
+        }else{
+          if( c==c2 ){
+            seen = 1;
+          }
+          prior_c = c2;
+        }
+        c2 = *(zGlob++);
+      }
+      if( c2==0 || (seen ^ invert)==0 ) return 0;
+    }else{
+      if( c!=(*(z++)) ) return 0;
+    }
+  }
+  return *z==0;
+}
+
+
+/* Find a quotaGroup given the filename.
+**
+** Return a pointer to the quotaGroup object. Return NULL if not found.
+*/
+static quotaGroup *quotaGroupFind(const char *zFilename){
+  quotaGroup *p;
+  for(p=gQuota.pGroup; p && quotaStrglob(p->zPattern, zFilename)==0;
+      p=p->pNext){}
+  return p;
+}
+
+/* Translate an sqlite3_file* that is really a quotaConn* into
+** the sqlite3_file* for the underlying original VFS.
+*/
+static sqlite3_file *quotaSubOpen(sqlite3_file *pConn){
+  quotaConn *p = (quotaConn*)pConn;
+  return (sqlite3_file*)&p[1];
+}
+
+/************************* VFS Method Wrappers *****************************/
+/*
+** This is the xOpen method used for the "quota" VFS.
+**
+** Most of the work is done by the underlying original VFS.  This method
+** simply links the new file into the appropriate quota group if it is a
+** file that needs to be tracked.
+*/
+static int quotaOpen(
+  sqlite3_vfs *pVfs,          /* The quota VFS */
+  const char *zName,          /* Name of file to be opened */
+  sqlite3_file *pConn,        /* Fill in this file descriptor */
+  int flags,                  /* Flags to control the opening */
+  int *pOutFlags              /* Flags showing results of opening */
+){
+  int rc;                                    /* Result code */         
+  quotaConn *pQuotaOpen;                     /* The new quota file descriptor */
+  quotaFile *pFile;                          /* Corresponding quotaFile obj */
+  quotaGroup *pGroup;                        /* The group file belongs to */
+  sqlite3_file *pSubOpen;                    /* Real file descriptor */
+  sqlite3_vfs *pOrigVfs = gQuota.pOrigVfs;   /* Real VFS */
+
+  /* If the file is not a main database file or a WAL, then use the
+  ** normal xOpen method.
+  */
+  if( (flags & (SQLITE_OPEN_MAIN_DB|SQLITE_OPEN_WAL))==0 ){
+    return pOrigVfs->xOpen(pOrigVfs, zName, pConn, flags, pOutFlags);
+  }
+
+  /* If the name of the file does not match any quota group, then
+  ** use the normal xOpen method.
+  */
+  quotaEnter();
+  pGroup = quotaGroupFind(zName);
+  if( pGroup==0 ){
+    rc = pOrigVfs->xOpen(pOrigVfs, zName, pConn, flags, pOutFlags);
+  }else{
+    /* If we get to this point, it means the file needs to be quota tracked.
+    */
+    pQuotaOpen = (quotaConn*)pConn;
+    pSubOpen = quotaSubOpen(pConn);
+    rc = pOrigVfs->xOpen(pOrigVfs, zName, pSubOpen, flags, pOutFlags);
+    if( rc==SQLITE_OK ){
+      for(pFile=pGroup->pFiles; pFile && strcmp(pFile->zFilename, zName);
+          pFile=pFile->pNext){}
+      if( pFile==0 ){
+        int nName = strlen(zName);
+        pFile = (quotaFile *)sqlite3_malloc( sizeof(*pFile) + nName + 1 );
+        if( pFile==0 ){
+          quotaLeave();
+          pSubOpen->pMethods->xClose(pSubOpen);
+          return SQLITE_NOMEM;
+        }
+        memset(pFile, 0, sizeof(*pFile));
+        pFile->zFilename = (char*)&pFile[1];
+        memcpy(pFile->zFilename, zName, nName+1);
+        pFile->pNext = pGroup->pFiles;
+        if( pGroup->pFiles ) pGroup->pFiles->ppPrev = &pFile->pNext;
+        pFile->ppPrev = &pGroup->pFiles;
+        pGroup->pFiles = pFile;
+        pFile->pGroup = pGroup;
+      }
+      pFile->nRef++;
+      pQuotaOpen->pFile = pFile;
+      if( pSubOpen->pMethods->iVersion==1 ){
+        pQuotaOpen->base.pMethods = &gQuota.sIoMethodsV1;
+      }else{
+        pQuotaOpen->base.pMethods = &gQuota.sIoMethodsV2;
+      }
+    }
+  }
+  quotaLeave();
+  return rc;
+}
+
+/************************ I/O Method Wrappers *******************************/
+
+/* xClose requests get passed through to the original VFS.  But we
+** also have to unlink the quotaConn from the quotaFile and quotaGroup.
+** The quotaFile and/or quotaGroup are freed if they are no longer in use.
+*/
+static int quotaClose(sqlite3_file *pConn){
+  quotaConn *p = (quotaConn*)pConn;
+  quotaFile *pFile = p->pFile;
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  int rc;
+  rc = pSubOpen->pMethods->xClose(pSubOpen);
+  quotaEnter();
+  pFile->nRef--;
+  if( pFile->nRef==0 ){
+    quotaGroup *pGroup = pFile->pGroup;
+    pGroup->iSize -= pFile->iSize;
+    if( pFile->pNext ) pFile->pNext->ppPrev = pFile->ppPrev;
+    *pFile->ppPrev = pFile->pNext;
+    quotaGroupDeref(pGroup);
+    sqlite3_free(pFile);
+  }
+  quotaLeave();
+  return rc;
+}
+
+/* Pass xRead requests directory thru to the original VFS without
+** further processing.
+*/
+static int quotaRead(
+  sqlite3_file *pConn,
+  void *pBuf,
+  int iAmt,
+  sqlite3_int64 iOfst
+){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xRead(pSubOpen, pBuf, iAmt, iOfst);
+}
+
+/* Check xWrite requests to see if they expand the file.  If they do,
+** the perform a quota check before passing them through to the
+** original VFS.
+*/
+static int quotaWrite(
+  sqlite3_file *pConn,
+  const void *pBuf,
+  int iAmt,
+  sqlite3_int64 iOfst
+){
+  quotaConn *p = (quotaConn*)pConn;
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  sqlite3_int64 iEnd = iOfst+iAmt;
+  quotaGroup *pGroup;
+  quotaFile *pFile = p->pFile;
+  sqlite3_int64 szNew;
+
+  if( pFile->iSize<iEnd ){
+    pGroup = pFile->pGroup;
+    quotaEnter();
+    szNew = pGroup->iSize - pFile->iSize + iEnd;
+    if( szNew>pGroup->iLimit && pGroup->iLimit>0 ){
+      if( pGroup->xCallback ){
+        pGroup->xCallback(pFile->zFilename, &pGroup->iLimit, szNew, 
+                          pGroup->pArg);
+      }
+      if( szNew>pGroup->iLimit && pGroup->iLimit>0 ){
+        quotaLeave();
+        return SQLITE_FULL;
+      }
+    }
+    pGroup->iSize = szNew;
+    pFile->iSize = iEnd;
+    quotaLeave();
+  }
+  return pSubOpen->pMethods->xWrite(pSubOpen, pBuf, iAmt, iOfst);
+}
+
+/* Pass xTruncate requests thru to the original VFS.  If the
+** success, update the file size.
+*/
+static int quotaTruncate(sqlite3_file *pConn, sqlite3_int64 size){
+  quotaConn *p = (quotaConn*)pConn;
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  int rc = pSubOpen->pMethods->xTruncate(pSubOpen, size);
+  quotaFile *pFile = p->pFile;
+  quotaGroup *pGroup;
+  if( rc==SQLITE_OK ){
+    quotaEnter();
+    pGroup = pFile->pGroup;
+    pGroup->iSize -= pFile->iSize;
+    pFile->iSize = size;
+    pGroup->iSize += size;
+    quotaLeave();
+  }
+  return rc;
+}
+
+/* Pass xSync requests through to the original VFS without change
+*/
+static int quotaSync(sqlite3_file *pConn, int flags){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xSync(pSubOpen, flags);
+}
+
+/* Pass xFileSize requests through to the original VFS but then
+** update the quotaGroup with the new size before returning.
+*/
+static int quotaFileSize(sqlite3_file *pConn, sqlite3_int64 *pSize){
+  quotaConn *p = (quotaConn*)pConn;
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  quotaFile *pFile = p->pFile;
+  quotaGroup *pGroup;
+  sqlite3_int64 sz;
+  int rc;
+
+  rc = pSubOpen->pMethods->xFileSize(pSubOpen, &sz);
+  if( rc==SQLITE_OK ){
+    quotaEnter();
+    pGroup = pFile->pGroup;
+    pGroup->iSize -= pFile->iSize;
+    pFile->iSize = sz;
+    pGroup->iSize += sz;
+    quotaLeave();
+    *pSize = sz;
+  }
+  return rc;
+}
+
+/* Pass xLock requests through to the original VFS unchanged.
+*/
+static int quotaLock(sqlite3_file *pConn, int lock){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xLock(pSubOpen, lock);
+}
+
+/* Pass xUnlock requests through to the original VFS unchanged.
+*/
+static int quotaUnlock(sqlite3_file *pConn, int lock){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xUnlock(pSubOpen, lock);
+}
+
+/* Pass xCheckReservedLock requests through to the original VFS unchanged.
+*/
+static int quotaCheckReservedLock(sqlite3_file *pConn, int *pResOut){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xCheckReservedLock(pSubOpen, pResOut);
+}
+
+/* Pass xFileControl requests through to the original VFS unchanged.
+*/
+static int quotaFileControl(sqlite3_file *pConn, int op, void *pArg){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xFileControl(pSubOpen, op, pArg);
+}
+
+/* Pass xSectorSize requests through to the original VFS unchanged.
+*/
+static int quotaSectorSize(sqlite3_file *pConn){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xSectorSize(pSubOpen);
+}
+
+/* Pass xDeviceCharacteristics requests through to the original VFS unchanged.
+*/
+static int quotaDeviceCharacteristics(sqlite3_file *pConn){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xDeviceCharacteristics(pSubOpen);
+}
+
+/* Pass xShmMap requests through to the original VFS unchanged.
+*/
+static int quotaShmMap(
+  sqlite3_file *pConn,            /* Handle open on database file */
+  int iRegion,                    /* Region to retrieve */
+  int szRegion,                   /* Size of regions */
+  int bExtend,                    /* True to extend file if necessary */
+  void volatile **pp              /* OUT: Mapped memory */
+){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xShmMap(pSubOpen, iRegion, szRegion, bExtend, pp);
+}
+
+/* Pass xShmLock requests through to the original VFS unchanged.
+*/
+static int quotaShmLock(
+  sqlite3_file *pConn,       /* Database file holding the shared memory */
+  int ofst,                  /* First lock to acquire or release */
+  int n,                     /* Number of locks to acquire or release */
+  int flags                  /* What to do with the lock */
+){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xShmLock(pSubOpen, ofst, n, flags);
+}
+
+/* Pass xShmBarrier requests through to the original VFS unchanged.
+*/
+static void quotaShmBarrier(sqlite3_file *pConn){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  pSubOpen->pMethods->xShmBarrier(pSubOpen);
+}
+
+/* Pass xShmUnmap requests through to the original VFS unchanged.
+*/
+static int quotaShmUnmap(sqlite3_file *pConn, int deleteFlag){
+  sqlite3_file *pSubOpen = quotaSubOpen(pConn);
+  return pSubOpen->pMethods->xShmUnmap(pSubOpen, deleteFlag);
+}
+
+/************************** Public Interfaces *****************************/
+/*
+** Initialize the quota VFS shim.  Use the VFS named zOrigVfsName
+** as the VFS that does the actual work.  Use the default if
+** zOrigVfsName==NULL.  
+**
+** The quota VFS shim is named "quota".  It will become the default
+** VFS if makeDefault is non-zero.
+**
+** THIS ROUTINE IS NOT THREADSAFE.  Call this routine exactly once
+** during start-up.
+*/
+int sqlite3_quota_initialize(const char *zOrigVfsName, int makeDefault){
+  sqlite3_vfs *pOrigVfs;
+  if( gQuota.isInitialized ) return SQLITE_MISUSE;
+  pOrigVfs = sqlite3_vfs_find(zOrigVfsName);
+  if( pOrigVfs==0 ) return SQLITE_ERROR;
+  assert( pOrigVfs!=&gQuota.sThisVfs );
+  gQuota.pMutex = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST);
+  if( !gQuota.pMutex ){
+    return SQLITE_NOMEM;
+  }
+  gQuota.isInitialized = 1;
+  gQuota.pOrigVfs = pOrigVfs;
+  gQuota.sThisVfs = *pOrigVfs;
+  gQuota.sThisVfs.xOpen = quotaOpen;
+  gQuota.sThisVfs.szOsFile += sizeof(quotaConn);
+  gQuota.sThisVfs.zName = "quota";
+  gQuota.sIoMethodsV1.iVersion = 1;
+  gQuota.sIoMethodsV1.xClose = quotaClose;
+  gQuota.sIoMethodsV1.xRead = quotaRead;
+  gQuota.sIoMethodsV1.xWrite = quotaWrite;
+  gQuota.sIoMethodsV1.xTruncate = quotaTruncate;
+  gQuota.sIoMethodsV1.xSync = quotaSync;
+  gQuota.sIoMethodsV1.xFileSize = quotaFileSize;
+  gQuota.sIoMethodsV1.xLock = quotaLock;
+  gQuota.sIoMethodsV1.xUnlock = quotaUnlock;
+  gQuota.sIoMethodsV1.xCheckReservedLock = quotaCheckReservedLock;
+  gQuota.sIoMethodsV1.xFileControl = quotaFileControl;
+  gQuota.sIoMethodsV1.xSectorSize = quotaSectorSize;
+  gQuota.sIoMethodsV1.xDeviceCharacteristics = quotaDeviceCharacteristics;
+  gQuota.sIoMethodsV2 = gQuota.sIoMethodsV1;
+  gQuota.sIoMethodsV2.iVersion = 2;
+  gQuota.sIoMethodsV2.xShmMap = quotaShmMap;
+  gQuota.sIoMethodsV2.xShmLock = quotaShmLock;
+  gQuota.sIoMethodsV2.xShmBarrier = quotaShmBarrier;
+  gQuota.sIoMethodsV2.xShmUnmap = quotaShmUnmap;
+  sqlite3_vfs_register(&gQuota.sThisVfs, makeDefault);
+  return SQLITE_OK;
+}
+
+/*
+** Shutdown the quota system.
+**
+** All SQLite database connections must be closed before calling this
+** routine.
+**
+** THIS ROUTINE IS NOT THREADSAFE.  Call this routine exactly one while
+** shutting down in order to free all remaining quota groups.
+*/
+int sqlite3_quota_shutdown(void){
+  quotaGroup *pGroup;
+  if( gQuota.isInitialized==0 ) return SQLITE_MISUSE;
+  for(pGroup=gQuota.pGroup; pGroup; pGroup=pGroup->pNext){
+    if( pGroup->pFiles ) return SQLITE_MISUSE;
+  }
+  while( gQuota.pGroup ){
+    pGroup = gQuota.pGroup;
+    gQuota.pGroup = pGroup->pNext;
+    pGroup->iLimit = 0;
+    quotaGroupDeref(pGroup);
+  }
+  gQuota.isInitialized = 0;
+  sqlite3_mutex_free(gQuota.pMutex);
+  sqlite3_vfs_unregister(&gQuota.sThisVfs);
+  memset(&gQuota, 0, sizeof(gQuota));
+  return SQLITE_OK;
+}
+
+/*
+** Create or destroy a quota group.
+**
+** The quota group is defined by the zPattern.  When calling this routine
+** with a zPattern for a quota group that already exists, this routine
+** merely updates the iLimit, xCallback, and pArg values for that quota
+** group.  If zPattern is new, then a new quota group is created.
+**
+** If the iLimit for a quota group is set to zero, then the quota group
+** is disabled and will be deleted when the last database connection using
+** the quota group is closed.
+**
+** Calling this routine on a zPattern that does not exist and with a
+** zero iLimit is a no-op.
+**
+** A quota group must exist with a non-zero iLimit prior to opening
+** database connections if those connections are to participate in the
+** quota group.  Creating a quota group does not affect database connections
+** that are already open.
+*/
+int sqlite3_quota_set(
+  const char *zPattern,           /* The filename pattern */
+  sqlite3_int64 iLimit,           /* New quota to set for this quota group */
+  void (*xCallback)(              /* Callback invoked when going over quota */
+     const char *zFilename,         /* Name of file whose size increases */
+     sqlite3_int64 *piLimit,        /* IN/OUT: The current limit */
+     sqlite3_int64 iSize,           /* Total size of all files in the group */
+     void *pArg                     /* Client data */
+  ),
+  void *pArg,                     /* client data passed thru to callback */
+  void (*xDestroy)(void*)         /* Optional destructor for pArg */
+){
+  quotaGroup *pGroup;
+  quotaEnter();
+  pGroup = gQuota.pGroup;
+  while( pGroup && strcmp(pGroup->zPattern, zPattern)!=0 ){
+    pGroup = pGroup->pNext;
+  }
+  if( pGroup==0 ){
+    int nPattern = strlen(zPattern);
+    if( iLimit<=0 ){
+      quotaLeave();
+      return SQLITE_OK;
+    }
+    pGroup = (quotaGroup *)sqlite3_malloc( sizeof(*pGroup) + nPattern + 1 );
+    if( pGroup==0 ){
+      quotaLeave();
+      return SQLITE_NOMEM;
+    }
+    memset(pGroup, 0, sizeof(*pGroup));
+    pGroup->zPattern = (char*)&pGroup[1];
+    memcpy((char *)pGroup->zPattern, zPattern, nPattern+1);
+    if( gQuota.pGroup ) gQuota.pGroup->ppPrev = &pGroup->pNext;
+    pGroup->pNext = gQuota.pGroup;
+    pGroup->ppPrev = &gQuota.pGroup;
+    gQuota.pGroup = pGroup;
+  }
+  pGroup->iLimit = iLimit;
+  pGroup->xCallback = xCallback;
+  if( pGroup->xDestroy && pGroup->pArg!=pArg ){
+    pGroup->xDestroy(pGroup->pArg);
+  }
+  pGroup->pArg = pArg;
+  pGroup->xDestroy = xDestroy;
+  quotaGroupDeref(pGroup);
+  quotaLeave();
+  return SQLITE_OK;
+}
+
+  
+/***************************** Test Code ***********************************/
+#ifdef SQLITE_TEST
+#include <tcl.h>
+
+/*
+** Argument passed to a TCL quota-over-limit callback.
+*/
+typedef struct TclQuotaCallback TclQuotaCallback;
+struct TclQuotaCallback {
+  Tcl_Interp *interp;    /* Interpreter in which to run the script */
+  Tcl_Obj *pScript;      /* Script to be run */
+};
+
+extern const char *sqlite3TestErrorName(int);
+
+
+/*
+** This is the callback from a quota-over-limit.
+*/
+static void tclQuotaCallback(
+  const char *zFilename,          /* Name of file whose size increases */
+  sqlite3_int64 *piLimit,         /* IN/OUT: The current limit */
+  sqlite3_int64 iSize,            /* Total size of all files in the group */
+  void *pArg                      /* Client data */
+){
+  TclQuotaCallback *p;            /* Callback script object */
+  Tcl_Obj *pEval;                 /* Script to evaluate */
+  Tcl_Obj *pVarname;              /* Name of variable to pass as 2nd arg */
+  unsigned int rnd;               /* Random part of pVarname */
+  int rc;                         /* Tcl error code */
+
+  p = (TclQuotaCallback *)pArg;
+  if( p==0 ) return;
+
+  pVarname = Tcl_NewStringObj("::piLimit_", -1);
+  Tcl_IncrRefCount(pVarname);
+  sqlite3_randomness(sizeof(rnd), (void *)&rnd);
+  Tcl_AppendObjToObj(pVarname, Tcl_NewIntObj((int)(rnd&0x7FFFFFFF)));
+  Tcl_ObjSetVar2(p->interp, pVarname, 0, Tcl_NewWideIntObj(*piLimit), 0);
+
+  pEval = Tcl_DuplicateObj(p->pScript);
+  Tcl_IncrRefCount(pEval);
+  Tcl_ListObjAppendElement(0, pEval, Tcl_NewStringObj(zFilename, -1));
+  Tcl_ListObjAppendElement(0, pEval, pVarname);
+  Tcl_ListObjAppendElement(0, pEval, Tcl_NewWideIntObj(iSize));
+  rc = Tcl_EvalObjEx(p->interp, pEval, TCL_EVAL_GLOBAL);
+
+  if( rc==TCL_OK ){
+    Tcl_Obj *pLimit = Tcl_ObjGetVar2(p->interp, pVarname, 0, 0);
+    rc = Tcl_GetWideIntFromObj(p->interp, pLimit, piLimit);
+    Tcl_UnsetVar(p->interp, Tcl_GetString(pVarname), 0);
+  }
+
+  Tcl_DecrRefCount(pEval);
+  Tcl_DecrRefCount(pVarname);
+  if( rc!=TCL_OK ) Tcl_BackgroundError(p->interp);
+}
+
+/*
+** Destructor for a TCL quota-over-limit callback.
+*/
+static void tclCallbackDestructor(void *pObj){
+  TclQuotaCallback *p = (TclQuotaCallback*)pObj;
+  if( p ){
+    Tcl_DecrRefCount(p->pScript);
+    sqlite3_free((char *)p);
+  }
+}
+
+/*
+** tclcmd: sqlite3_quota_initialize NAME MAKEDEFAULT
+*/
+static int test_quota_initialize(
+  void * clientData,
+  Tcl_Interp *interp,
+  int objc,
+  Tcl_Obj *CONST objv[]
+){
+  const char *zName;              /* Name of new quota VFS */
+  int makeDefault;                /* True to make the new VFS the default */
+  int rc;                         /* Value returned by quota_initialize() */
+
+  /* Process arguments */
+  if( objc!=3 ){
+    Tcl_WrongNumArgs(interp, 1, objv, "NAME MAKEDEFAULT");
+    return TCL_ERROR;
+  }
+  zName = Tcl_GetString(objv[1]);
+  if( Tcl_GetBooleanFromObj(interp, objv[2], &makeDefault) ) return TCL_ERROR;
+  if( zName[0]=='\0' ) zName = 0;
+
+  /* Call sqlite3_quota_initialize() */
+  rc = sqlite3_quota_initialize(zName, makeDefault);
+  Tcl_SetResult(interp, (char *)sqlite3TestErrorName(rc), TCL_STATIC);
+
+  return TCL_OK;
+}
+
+/*
+** tclcmd: sqlite3_quota_shutdown
+*/
+static int test_quota_shutdown(
+  void * clientData,
+  Tcl_Interp *interp,
+  int objc,
+  Tcl_Obj *CONST objv[]
+){
+  int rc;                         /* Value returned by quota_shutdown() */
+
+  if( objc!=1 ){
+    Tcl_WrongNumArgs(interp, 1, objv, "");
+    return TCL_ERROR;
+  }
+
+  /* Call sqlite3_quota_shutdown() */
+  rc = sqlite3_quota_shutdown();
+  Tcl_SetResult(interp, (char *)sqlite3TestErrorName(rc), TCL_STATIC);
+
+  return TCL_OK;
+}
+
+/*
+** tclcmd: sqlite3_quota_set PATTERN LIMIT SCRIPT
+*/
+static int test_quota_set(
+  void * clientData,
+  Tcl_Interp *interp,
+  int objc,
+  Tcl_Obj *CONST objv[]
+){
+  const char *zPattern;           /* File pattern to configure */
+  sqlite3_int64 iLimit;           /* Initial quota in bytes */
+  Tcl_Obj *pScript;               /* Tcl script to invoke to increase quota */
+  int rc;                         /* Value returned by quota_set() */
+  TclQuotaCallback *p;            /* Callback object */
+  int nScript;                    /* Length of callback script */
+  void (*xDestroy)(void*);        /* Optional destructor for pArg */
+  void (*xCallback)(const char *, sqlite3_int64 *, sqlite3_int64, void *);
+
+  /* Process arguments */
+  if( objc!=4 ){
+    Tcl_WrongNumArgs(interp, 1, objv, "PATTERN LIMIT SCRIPT");
+    return TCL_ERROR;
+  }
+  zPattern = Tcl_GetString(objv[1]);
+  if( Tcl_GetWideIntFromObj(interp, objv[2], &iLimit) ) return TCL_ERROR;
+  pScript = objv[3];
+  Tcl_GetStringFromObj(pScript, &nScript);
+
+  if( nScript>0 ){
+    /* Allocate a TclQuotaCallback object */
+    p = (TclQuotaCallback *)sqlite3_malloc(sizeof(TclQuotaCallback));
+    if( !p ){
+      Tcl_SetResult(interp, (char *)"SQLITE_NOMEM", TCL_STATIC);
+      return TCL_OK;
+    }
+    memset(p, 0, sizeof(TclQuotaCallback));
+    p->interp = interp;
+    Tcl_IncrRefCount(pScript);
+    p->pScript = pScript;
+    xDestroy = tclCallbackDestructor;
+    xCallback = tclQuotaCallback;
+  }else{
+    p = 0;
+    xDestroy = 0;
+    xCallback = 0;
+  }
+
+  /* Invoke sqlite3_quota_set() */
+  rc = sqlite3_quota_set(zPattern, iLimit, xCallback, (void*)p, xDestroy);
+
+  Tcl_SetResult(interp, (char *)sqlite3TestErrorName(rc), TCL_STATIC);
+  return TCL_OK;
+}
+
+/*
+** tclcmd:  sqlite3_quota_dump
+*/
+static int test_quota_dump(
+  void * clientData,
+  Tcl_Interp *interp,
+  int objc,
+  Tcl_Obj *CONST objv[]
+){
+  Tcl_Obj *pResult;
+  Tcl_Obj *pGroupTerm;
+  Tcl_Obj *pFileTerm;
+  quotaGroup *pGroup;
+  quotaFile *pFile;
+
+  pResult = Tcl_NewObj();
+  quotaEnter();
+  for(pGroup=gQuota.pGroup; pGroup; pGroup=pGroup->pNext){
+    pGroupTerm = Tcl_NewObj();
+    Tcl_ListObjAppendElement(interp, pGroupTerm,
+          Tcl_NewStringObj(pGroup->zPattern, -1));
+    Tcl_ListObjAppendElement(interp, pGroupTerm,
+          Tcl_NewWideIntObj(pGroup->iLimit));
+    Tcl_ListObjAppendElement(interp, pGroupTerm,
+          Tcl_NewWideIntObj(pGroup->iSize));
+    for(pFile=pGroup->pFiles; pFile; pFile=pFile->pNext){
+      pFileTerm = Tcl_NewObj();
+      Tcl_ListObjAppendElement(interp, pFileTerm,
+            Tcl_NewStringObj(pFile->zFilename, -1));
+      Tcl_ListObjAppendElement(interp, pFileTerm,
+            Tcl_NewWideIntObj(pFile->iSize));
+      Tcl_ListObjAppendElement(interp, pFileTerm,
+            Tcl_NewWideIntObj(pFile->nRef));
+      Tcl_ListObjAppendElement(interp, pGroupTerm, pFileTerm);
+    }
+    Tcl_ListObjAppendElement(interp, pResult, pGroupTerm);
+  }
+  quotaLeave();
+  Tcl_SetObjResult(interp, pResult);
+  return TCL_OK;
+}
+
+/*
+** This routine registers the custom TCL commands defined in this
+** module.  This should be the only procedure visible from outside
+** of this module.
+*/
+int Sqlitequota_Init(Tcl_Interp *interp){
+  static struct {
+     char *zName;
+     Tcl_ObjCmdProc *xProc;
+  } aCmd[] = {
+    { "sqlite3_quota_initialize", test_quota_initialize },
+    { "sqlite3_quota_shutdown", test_quota_shutdown },
+    { "sqlite3_quota_set", test_quota_set },
+    { "sqlite3_quota_dump", test_quota_dump },
+  };
+  int i;
+
+  for(i=0; i<sizeof(aCmd)/sizeof(aCmd[0]); i++){
+    Tcl_CreateObjCommand(interp, aCmd[i].zName, aCmd[i].xProc, 0, 0);
+  }
+
+  return TCL_OK;
+}
+#endif
--- a/storage/public/Makefile.in
+++ b/storage/public/Makefile.in
@@ -62,16 +62,17 @@ XPIDLSRCS = \
   mozIStorageError.idl \
   mozIStorageStatementCallback.idl \
   mozIStoragePendingStatement.idl \
   mozIStorageBindingParamsArray.idl \
   mozIStorageBindingParams.idl \
   mozIStorageCompletionCallback.idl \
   mozIStorageBaseStatement.idl \
   mozIStorageAsyncStatement.idl \
+  mozIStorageServiceQuotaManagement.idl \
 	$(NULL)
 
 EXPORTS_NAMESPACES = mozilla
 
 EXPORTS = \
 	mozStorageHelper.h \
 	mozStorage.h \
 	$(NULL)
new file mode 100644
--- /dev/null
+++ b/storage/public/mozIStorageServiceQuotaManagement.idl
@@ -0,0 +1,113 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* ***** BEGIN LICENSE BLOCK *****
+ * Version: MPL 1.1/GPL 2.0/LGPL 2.1
+ *
+ * The contents of this file are subject to the Mozilla Public License Version
+ * 1.1 (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ * http://www.mozilla.org/MPL/
+ *
+ * Software distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+ * for the specific language governing rights and limitations under the
+ * License.
+ *
+ * The Original Code is Indexed Database.
+ *
+ * The Initial Developer of the Original Code is
+ * The Mozilla Foundation.
+ * Portions created by the Initial Developer are Copyright (C) 2010
+ * the Initial Developer. All Rights Reserved.
+ *
+ * Contributor(s):
+ *   Ben Turner <bent.mozilla@gmail.com>
+ *
+ * Alternatively, the contents of this file may be used under the terms of
+ * either the GNU General Public License Version 2 or later (the "GPL"), or
+ * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
+ * in which case the provisions of the GPL or the LGPL are applicable instead
+ * of those above. If you wish to allow use of your version of this file only
+ * under the terms of either the GPL or the LGPL, and not to allow others to
+ * use your version of this file under the terms of the MPL, indicate your
+ * decision by deleting the provisions above and replace them with the notice
+ * and other provisions required by the GPL or the LGPL. If you do not delete
+ * the provisions above, a recipient may use your version of this file under
+ * the terms of any one of the MPL, the GPL or the LGPL.
+ *
+ * ***** END LICENSE BLOCK ***** */
+
+#include "nsISupports.idl"
+
+interface mozIStorageConnection;
+interface nsIFile;
+
+[scriptable, function, uuid(ae94f0a5-ebdf-48f4-9959-085e13235d8d)]
+interface mozIStorageQuotaCallback : nsISupports
+{
+  /**
+   * Called when the file size quota for a group of databases is exceeded.
+   *
+   * @param aFilename
+   *        The filename of the database that has exceeded the quota.
+   *
+   * @param aCurrentSizeLimit
+   *        The current size (in bytes) of the quota.
+   *
+   * @param aCurrentTotalSize
+   *        The current size of all databases in the quota group.
+   *
+   * @param aUserData
+   *        Any additional data that was provided to the
+   *        setQuotaForFilenamePattern function.
+   *
+   * @returns A new quota size. A new quota of 0 will disable the quota callback
+   *          and any quota value less than aCurrentTotalSize will cause the
+   *          database operation to fail with NS_ERROR_FILE_NO_DEVICE_SPACE.
+   */
+  long long quotaExceeded(in ACString aFilename,
+                          in long long aCurrentSizeLimit,
+                          in long long aCurrentTotalSize,
+                          in nsISupports aUserData);
+};
+
+/**
+ * This is a temporary interface that should eventually merge with
+ * mozIStorageService.
+ */
+[scriptable, uuid(11def472-446f-4635-a1d8-8856e85aac50)]
+interface mozIStorageServiceQuotaManagement : nsISupports
+{
+  /**
+   * See mozIStorageService.openDatabase. Exactly the same only with a custom
+   * SQLite VFS.
+   */
+  mozIStorageConnection openDatabaseWithVFS(in nsIFile aDatabaseFile,
+                                            in ACString aVFSName);
+
+  /**
+   * Set a file size quota for a group of databases matching the given filename
+   * pattern, optionally specifying a callback when the quota is exceeded.
+   *
+   * @param aPattern
+   *        A pattern to match filenames for inclusion in the quota system. May
+   *        contain the following special characters:
+   *          '*'    Matches any sequence of zero or more characters.
+   *          '?'    Matches exactly one character.
+   *          [...]  Matches one character from the enclosed list of characters.
+   *          [^...] Matches one character not in the enclosed list.
+   *
+   * @param aSizeLimit
+   *        The size limit (in bytes) for the quota group.
+   *
+   * @param aCallback
+   *        A callback that will be used when the quota is exceeded.
+   *
+   * @param aUserData
+   *        Additional information to be passed to the callback.
+   */
+  void setQuotaForFilenamePattern(in ACString aPattern,
+                                  in long long aSizeLimit,
+                                  in mozIStorageQuotaCallback aCallback,
+                                  in nsISupports aUserData);
+};
--- a/storage/public/storage.h
+++ b/storage/public/storage.h
@@ -52,16 +52,17 @@
 #include "mozIStorageProgressHandler.h"
 #include "mozIStorageResultSet.h"
 #include "mozIStorageRow.h"
 #include "mozIStorageService.h"
 #include "mozIStorageStatement.h"
 #include "mozIStorageStatementCallback.h"
 #include "mozIStorageBindingParamsArray.h"
 #include "mozIStorageBindingParams.h"
+#include "mozIStorageServiceQuotaManagement.h"
 
 ////////////////////////////////////////////////////////////////////////////////
 //// Native Language Helpers
 
 #include "mozStorageHelper.h"
 
 #include "mozilla/storage/Variant.h"
 
--- a/storage/src/Makefile.in
+++ b/storage/src/Makefile.in
@@ -78,15 +78,17 @@ CPPSRCS = \
   mozStorageAsyncStatement.cpp \
   mozStorageAsyncStatementJSHelper.cpp \
   mozStorageAsyncStatementParams.cpp \
   StorageBaseStatementInternal.cpp \
   SQLCollations.cpp \
   $(NULL)
 
 LOCAL_INCLUDES = \
-	$(SQLITE_CFLAGS)
+  $(SQLITE_CFLAGS) \
+  -I$(topsrcdir)/db/sqlite3/src \
+  $(NULL)
 
 # This is the default value.  If we ever change it when compiling sqlite, we
 # will need to change it here as well.
 DEFINES += -DSQLITE_MAX_LIKE_PATTERN_LENGTH=50000
 
 include $(topsrcdir)/config/rules.mk
--- a/storage/src/mozStorageConnection.cpp
+++ b/storage/src/mozStorageConnection.cpp
@@ -374,36 +374,37 @@ Connection::getAsyncExecutionTarget()
       return nsnull;
     }
   }
 
   return mAsyncExecutionThread;
 }
 
 nsresult
-Connection::initialize(nsIFile *aDatabaseFile)
+Connection::initialize(nsIFile *aDatabaseFile,
+                       const char* aVFSName)
 {
   NS_ASSERTION (!mDBConn, "Initialize called on already opened database!");
 
   int srv;
   nsresult rv;
 
   mDatabaseFile = aDatabaseFile;
 
   if (aDatabaseFile) {
     nsAutoString path;
     rv = aDatabaseFile->GetPath(path);
     NS_ENSURE_SUCCESS(rv, rv);
 
     srv = ::sqlite3_open_v2(NS_ConvertUTF16toUTF8(path).get(), &mDBConn, mFlags,
-                            NULL);
+                            aVFSName);
   }
   else {
     // in memory database requested, sqlite uses a magic file name
-    srv = ::sqlite3_open_v2(":memory:", &mDBConn, mFlags, NULL);
+    srv = ::sqlite3_open_v2(":memory:", &mDBConn, mFlags, aVFSName);
   }
   if (srv != SQLITE_OK) {
     mDBConn = nsnull;
     return convertResultCode(srv);
   }
 
   // Properly wrap the database handle's mutex.
   sharedDBMutex.initWithMutex(sqlite3_db_mutex(mDBConn));
--- a/storage/src/mozStorageConnection.h
+++ b/storage/src/mozStorageConnection.h
@@ -96,17 +96,18 @@ public:
   /**
    * Creates the connection to the database.
    *
    * @param aDatabaseFile
    *        The nsIFile of the location of the database to open, or create if it
    *        does not exist.  Passing in nsnull here creates an in-memory
    *        database.
    */
-  nsresult initialize(nsIFile *aDatabaseFile);
+  nsresult initialize(nsIFile *aDatabaseFile,
+                      const char* aVFSName = NULL);
 
   // fetch the native handle
   sqlite3 *GetNativeConnection() { return mDBConn; }
 
   /**
    * Lazily creates and returns a background execution thread.  In the future,
    * the thread may be re-claimed if left idle, so you should call this
    * method just before you dispatch and not save the reference.
--- a/storage/src/mozStorageService.cpp
+++ b/storage/src/mozStorageService.cpp
@@ -50,22 +50,78 @@
 #include "mozStoragePrivateHelpers.h"
 #include "nsILocale.h"
 #include "nsILocaleService.h"
 #include "nsIXPConnect.h"
 #include "nsIObserverService.h"
 #include "mozilla/Services.h"
 
 #include "sqlite3.h"
+#include "test_quota.c"
 
 #include "nsIPromptService.h"
 #include "nsIMemoryReporter.h"
 
 #include "mozilla/FunctionTimer.h"
 
+namespace {
+
+class QuotaCallbackData
+{
+public:
+  QuotaCallbackData(mozIStorageQuotaCallback *aCallback,
+                    nsISupports *aUserData)
+  : callback(aCallback), userData(aUserData)
+  {
+    MOZ_COUNT_CTOR(QuotaCallbackData);
+  }
+
+  ~QuotaCallbackData()
+  {
+    MOZ_COUNT_DTOR(QuotaCallbackData);
+  }
+
+  static void Callback(const char *zFilename,
+                       sqlite3_int64 *piLimit,
+                       sqlite3_int64 iSize,
+                       void *pArg)
+  {
+    NS_ASSERTION(zFilename && strlen(zFilename), "Null or empty filename!");
+    NS_ASSERTION(piLimit, "Null pointer!");
+
+    QuotaCallbackData *data = static_cast<QuotaCallbackData*>(pArg);
+    if (!data) {
+      // No callback specified, return immediately.
+      return;
+    }
+
+    NS_ASSERTION(data->callback, "Should never have a null callback!");
+
+    nsDependentCString filename(zFilename);
+
+    PRInt64 newLimit;
+    if (NS_SUCCEEDED(data->callback->QuotaExceeded(filename, *piLimit,
+                                                   iSize, data->userData,
+                                                   &newLimit))) {
+      *piLimit = newLimit;
+    }
+  }
+
+  static void Destroy(void *aUserData)
+  {
+    delete static_cast<QuotaCallbackData*>(aUserData);
+  }
+
+private:
+  nsCOMPtr<mozIStorageQuotaCallback> callback;
+  nsCOMPtr<nsISupports> userData;
+};
+
+} // anonymous namespace
+
 namespace mozilla {
 namespace storage {
 
 ////////////////////////////////////////////////////////////////////////////////
 //// Memory Reporting
 
 static PRInt64
 GetStorageSQLitePageCacheMemoryUsed(void *)
@@ -143,20 +199,21 @@ public:
 private:
   nsIObserver *mObserver;
   nsIXPConnect **mXPConnectPtr;
 };
 
 ////////////////////////////////////////////////////////////////////////////////
 //// Service
 
-NS_IMPL_THREADSAFE_ISUPPORTS2(
+NS_IMPL_THREADSAFE_ISUPPORTS3(
   Service,
   mozIStorageService,
-  nsIObserver
+  nsIObserver,
+  mozIStorageServiceQuotaManagement
 )
 
 Service *Service::gService = nsnull;
 
 Service *
 Service::getSingleton()
 {
   if (gService) {
@@ -213,17 +270,21 @@ Service::Service()
 : mMutex("Service::mMutex")
 {
 }
 
 Service::~Service()
 {
   // Shutdown the sqlite3 API.  Warn if shutdown did not turn out okay, but
   // there is nothing actionable we can do in that case.
-  int rc = ::sqlite3_shutdown();
+  int rc = ::sqlite3_quota_shutdown();
+  if (rc != SQLITE_OK)
+    NS_WARNING("sqlite3 did not shutdown cleanly.");
+
+  rc = ::sqlite3_shutdown();
   if (rc != SQLITE_OK)
     NS_WARNING("sqlite3 did not shutdown cleanly.");
 
   bool shutdownObserved = !sXPConnect;
   NS_ASSERTION(shutdownObserved, "Shutdown was not observed!");
 
   gService = nsnull;
 }
@@ -243,16 +304,20 @@ Service::initialize()
 
   // Explicitly initialize sqlite3.  Although this is implicitly called by
   // various sqlite3 functions (and the sqlite3_open calls in our case),
   // the documentation suggests calling this directly.  So we do.
   rc = ::sqlite3_initialize();
   if (rc != SQLITE_OK)
     return convertResultCode(rc);
 
+  rc = ::sqlite3_quota_initialize(NULL, 0);
+  if (rc != SQLITE_OK)
+    return convertResultCode(rc);
+
   // Run the things that need to run on the main thread there.
   nsCOMPtr<nsIRunnable> event =
     new ServiceMainThreadInitializer(this, &sXPConnect);
   if (event && ::NS_IsMainThread()) {
     (void)event->Run();
   }
   else {
     (void)::NS_DispatchToMainThread(event);
@@ -461,10 +526,64 @@ Service::BackupDatabaseFile(nsIFile *aDB
 NS_IMETHODIMP
 Service::Observe(nsISupports *, const char *aTopic, const PRUnichar *)
 {
   if (strcmp(aTopic, "xpcom-shutdown") == 0)
     shutdown();
   return NS_OK;
 }
 
+////////////////////////////////////////////////////////////////////////////////
+//// mozIStorageServiceQuotaManagement
+
+NS_IMETHODIMP
+Service::OpenDatabaseWithVFS(nsIFile *aDatabaseFile,
+                             const nsACString &aVFSName,
+                             mozIStorageConnection **_connection)
+{
+  NS_ENSURE_ARG(aDatabaseFile);
+
+#ifdef NS_FUNCTION_TIMER
+  nsCString leafname;
+  (void)aDatabaseFile->GetNativeLeafName(leafname);
+  NS_TIME_FUNCTION_FMT("mozIStorageService::OpenDatabaseWithVFS(%s)",
+                       leafname.get());
+#endif
+
+  // Always ensure that SQLITE_OPEN_CREATE is passed in for compatibility
+  // reasons.
+  int flags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_SHAREDCACHE |
+              SQLITE_OPEN_CREATE;
+  nsRefPtr<Connection> msc = new Connection(this, flags);
+  NS_ENSURE_TRUE(msc, NS_ERROR_OUT_OF_MEMORY);
+
+  nsresult rv = msc->initialize(aDatabaseFile,
+                                PromiseFlatCString(aVFSName).get());
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  NS_ADDREF(*_connection = msc);
+  return NS_OK;
+}
+
+NS_IMETHODIMP
+Service::SetQuotaForFilenamePattern(const nsACString &aPattern,
+                                    PRInt64 aSizeLimit,
+                                    mozIStorageQuotaCallback *aCallback,
+                                    nsISupports *aUserData)
+{
+  NS_ENSURE_FALSE(aPattern.IsEmpty(), NS_ERROR_INVALID_ARG);
+
+  nsAutoPtr<QuotaCallbackData> data;
+  if (aSizeLimit && aCallback) {
+    data = new QuotaCallbackData(aCallback, aUserData);
+  }
+
+  int rc = ::sqlite3_quota_set(PromiseFlatCString(aPattern).get(),
+                               aSizeLimit, QuotaCallbackData::Callback,
+                               data, QuotaCallbackData::Destroy);
+  NS_ENSURE_TRUE(rc == SQLITE_OK, convertResultCode(rc));
+
+  data.forget();
+  return NS_OK;
+}
+
 } // namespace storage
 } // namespace mozilla
--- a/storage/src/mozStorageService.h
+++ b/storage/src/mozStorageService.h
@@ -45,24 +45,26 @@
 
 #include "nsCOMPtr.h"
 #include "nsICollation.h"
 #include "nsIFile.h"
 #include "nsIObserver.h"
 #include "mozilla/Mutex.h"
 
 #include "mozIStorageService.h"
+#include "mozIStorageServiceQuotaManagement.h"
 
 class nsIXPConnect;
 
 namespace mozilla {
 namespace storage {
 
 class Service : public mozIStorageService
               , public nsIObserver
+              , public mozIStorageServiceQuotaManagement
 {
 public:
   /**
    * Initializes the service.  This must be called before any other function!
    */
   nsresult initialize();
 
   /**
@@ -82,16 +84,17 @@ public:
                            const nsAString &aStr2,
                            PRInt32 aComparisonStrength);
 
   static Service *getSingleton();
 
   NS_DECL_ISUPPORTS
   NS_DECL_MOZISTORAGESERVICE
   NS_DECL_NSIOBSERVER
+  NS_DECL_MOZISTORAGESERVICEQUOTAMANAGEMENT
 
   /**
    * Obtains an already AddRefed pointer to XPConnect.  This is used by
    * language helpers.
    */
   static already_AddRefed<nsIXPConnect> getXPConnect();
 
 private: