cryptospore / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone
902636
From 4cc435b3a8a9a419cc85ee883d5184f810f91e52 Mon Sep 17 00:00:00 2001
902636
From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
902636
Date: Mon, 27 Jan 2020 19:01:34 +0100
902636
Subject: [PATCH 063/116] virtiofsd: set maximum RLIMIT_NOFILE limit
902636
MIME-Version: 1.0
902636
Content-Type: text/plain; charset=UTF-8
902636
Content-Transfer-Encoding: 8bit
902636
902636
RH-Author: Dr. David Alan Gilbert <dgilbert@redhat.com>
902636
Message-id: <20200127190227.40942-60-dgilbert@redhat.com>
902636
Patchwork-id: 93516
902636
O-Subject: [RHEL-AV-8.2 qemu-kvm PATCH 059/112] virtiofsd: set maximum RLIMIT_NOFILE limit
902636
Bugzilla: 1694164
902636
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
902636
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
902636
RH-Acked-by: Sergio Lopez Pascual <slp@redhat.com>
902636
902636
From: Stefan Hajnoczi <stefanha@redhat.com>
902636
902636
virtiofsd can exceed the default open file descriptor limit easily on
902636
most systems.  Take advantage of the fact that it runs as root to raise
902636
the limit.
902636
902636
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
902636
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
902636
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
902636
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
902636
(cherry picked from commit 01a6dc95ec7f71eeff9963fe3cb03d85225fba3e)
902636
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
902636
---
902636
 tools/virtiofsd/passthrough_ll.c | 32 ++++++++++++++++++++++++++++++++
902636
 1 file changed, 32 insertions(+)
902636
902636
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
902636
index d53cb1e..c281d81 100644
902636
--- a/tools/virtiofsd/passthrough_ll.c
902636
+++ b/tools/virtiofsd/passthrough_ll.c
902636
@@ -53,6 +53,7 @@
902636
 #include <sys/file.h>
902636
 #include <sys/mount.h>
902636
 #include <sys/prctl.h>
902636
+#include <sys/resource.h>
902636
 #include <sys/syscall.h>
902636
 #include <sys/types.h>
902636
 #include <sys/wait.h>
902636
@@ -2268,6 +2269,35 @@ static void setup_sandbox(struct lo_data *lo, struct fuse_session *se)
902636
     setup_seccomp();
902636
 }
902636
 
902636
+/* Raise the maximum number of open file descriptors */
902636
+static void setup_nofile_rlimit(void)
902636
+{
902636
+    const rlim_t max_fds = 1000000;
902636
+    struct rlimit rlim;
902636
+
902636
+    if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) {
902636
+        fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n");
902636
+        exit(1);
902636
+    }
902636
+
902636
+    if (rlim.rlim_cur >= max_fds) {
902636
+        return; /* nothing to do */
902636
+    }
902636
+
902636
+    rlim.rlim_cur = max_fds;
902636
+    rlim.rlim_max = max_fds;
902636
+
902636
+    if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) {
902636
+        /* Ignore SELinux denials */
902636
+        if (errno == EPERM) {
902636
+            return;
902636
+        }
902636
+
902636
+        fuse_log(FUSE_LOG_ERR, "setrlimit(RLIMIT_NOFILE): %m\n");
902636
+        exit(1);
902636
+    }
902636
+}
902636
+
902636
 int main(int argc, char *argv[])
902636
 {
902636
     struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
902636
@@ -2389,6 +2419,8 @@ int main(int argc, char *argv[])
902636
 
902636
     fuse_daemonize(opts.foreground);
902636
 
902636
+    setup_nofile_rlimit();
902636
+
902636
     /* Must be before sandbox since it wants /proc */
902636
     setup_capng();
902636
 
902636
-- 
902636
1.8.3.1
902636