[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 054/104] virtiofsd: set maximum RLIMIT_NOFILE limit
From: |
Dr. David Alan Gilbert |
Subject: |
Re: [PATCH 054/104] virtiofsd: set maximum RLIMIT_NOFILE limit |
Date: |
Wed, 15 Jan 2020 17:38:32 +0000 |
User-agent: |
Mutt/1.13.0 (2019-11-30) |
* Philippe Mathieu-Daudé (address@hidden) wrote:
> On 12/12/19 5:38 PM, Dr. David Alan Gilbert (git) wrote:
> > From: Stefan Hajnoczi <address@hidden>
> >
> > virtiofsd can exceed the default open file descriptor limit easily on
> > most systems. Take advantage of the fact that it runs as root to raise
> > the limit.
> >
> > Signed-off-by: Stefan Hajnoczi <address@hidden>
> > ---
> > tools/virtiofsd/passthrough_ll.c | 32 ++++++++++++++++++++++++++++++++
> > 1 file changed, 32 insertions(+)
> >
> > diff --git a/tools/virtiofsd/passthrough_ll.c
> > b/tools/virtiofsd/passthrough_ll.c
> > index ab318a6f36..139bf08f4c 100644
> > --- a/tools/virtiofsd/passthrough_ll.c
> > +++ b/tools/virtiofsd/passthrough_ll.c
> > @@ -52,6 +52,7 @@
> > #include <sys/file.h>
> > #include <sys/mount.h>
> > #include <sys/prctl.h>
> > +#include <sys/resource.h>
> > #include <sys/syscall.h>
> > #include <sys/types.h>
> > #include <sys/wait.h>
> > @@ -2250,6 +2251,35 @@ static void setup_sandbox(struct lo_data *lo, struct
> > fuse_session *se)
> > setup_seccomp();
> > }
> > +/* Raise the maximum number of open file descriptors */
> > +static void setup_nofile_rlimit(void)
> > +{
> > + const rlim_t max_fds = 1000000;
>
> 'static const'?
Why?
> Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
>
Thanks!
> > + struct rlimit rlim;
> > +
> > + if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) {
> > + fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n");
> > + exit(1);
> > + }
> > +
> > + if (rlim.rlim_cur >= max_fds) {
> > + return; /* nothing to do */
> > + }
> > +
> > + rlim.rlim_cur = max_fds;
> > + rlim.rlim_max = max_fds;
> > +
> > + if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) {
> > + /* Ignore SELinux denials */
> > + if (errno == EPERM) {
> > + return;
> > + }
> > +
> > + fuse_log(FUSE_LOG_ERR, "setrlimit(RLIMIT_NOFILE): %m\n");
> > + exit(1);
> > + }
> > +}
> > +
> > int main(int argc, char *argv[])
> > {
> > struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
> > @@ -2371,6 +2401,8 @@ int main(int argc, char *argv[])
> > fuse_daemonize(opts.foreground);
> > + setup_nofile_rlimit();
> > +
> > /* Must be before sandbox since it wants /proc */
> > setup_capng();
> >
>
--
Dr. David Alan Gilbert / address@hidden / Manchester, UK