From patchwork Thu Dec 12 16:38:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "Dr. David Alan Gilbert" X-Patchwork-Id: 1208667 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.b="PYWE4mdq"; dkim-atps=neutral Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47YgQw3LYKz9sPK for ; Fri, 13 Dec 2019 04:15:04 +1100 (AEDT) Received: from localhost ([::1]:34502 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ifS3J-000255-QP for incoming@patchwork.ozlabs.org; Thu, 12 Dec 2019 12:15:01 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:53656) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ifRW1-0006LR-KA for qemu-devel@nongnu.org; Thu, 12 Dec 2019 11:40:38 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ifRW0-0002oC-CB for qemu-devel@nongnu.org; Thu, 12 Dec 2019 11:40:37 -0500 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:35912 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ifRW0-0002nI-7b for qemu-devel@nongnu.org; Thu, 12 Dec 2019 11:40:36 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1576168835; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=lTsbTmjXGySrUE5zs/n5qZKAmmP3lDqBaYyOa+YlryE=; b=PYWE4mdqs5TzUXaiPmP2ZuLAbE2IdOvq1aCGH/d2f2yIPUXVizIYOFOe9aEMgFVd/ldybW fayaC3jB+/mrRImWEWxKm1ET+Trw3bG93R97ltj3dn6QXGW7TfxDZG/pNrOk2nL40yuEI3 bYrgYCtNPHzVH/y1/cyjeuceRdEwNNo= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-387-d4vcgBpxOKWLofUATTdNEg-1; Thu, 12 Dec 2019 11:40:33 -0500 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A503B64A7F for ; Thu, 12 Dec 2019 16:40:32 +0000 (UTC) Received: from dgilbert-t580.localhost (ovpn-116-226.ams2.redhat.com [10.36.116.226]) by smtp.corp.redhat.com (Postfix) with ESMTP id CE04160BF3; Thu, 12 Dec 2019 16:40:31 +0000 (UTC) From: "Dr. David Alan Gilbert (git)" To: qemu-devel@nongnu.org, stefanha@redhat.com, vgoyal@redhat.com Subject: [PATCH 054/104] virtiofsd: set maximum RLIMIT_NOFILE limit Date: Thu, 12 Dec 2019 16:38:14 +0000 Message-Id: <20191212163904.159893-55-dgilbert@redhat.com> In-Reply-To: <20191212163904.159893-1-dgilbert@redhat.com> References: <20191212163904.159893-1-dgilbert@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-MC-Unique: d4vcgBpxOKWLofUATTdNEg-1 X-Mimecast-Spam-Score: 0 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 207.211.31.120 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" From: Stefan Hajnoczi virtiofsd can exceed the default open file descriptor limit easily on most systems. Take advantage of the fact that it runs as root to raise the limit. Signed-off-by: Stefan Hajnoczi Reviewed-by: Daniel P. Berrangé Reviewed-by: Philippe Mathieu-Daudé --- tools/virtiofsd/passthrough_ll.c | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c index ab318a6f36..139bf08f4c 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -52,6 +52,7 @@ #include #include #include +#include #include #include #include @@ -2250,6 +2251,35 @@ static void setup_sandbox(struct lo_data *lo, struct fuse_session *se) setup_seccomp(); } +/* Raise the maximum number of open file descriptors */ +static void setup_nofile_rlimit(void) +{ + const rlim_t max_fds = 1000000; + struct rlimit rlim; + + if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) { + fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n"); + exit(1); + } + + if (rlim.rlim_cur >= max_fds) { + return; /* nothing to do */ + } + + rlim.rlim_cur = max_fds; + rlim.rlim_max = max_fds; + + if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) { + /* Ignore SELinux denials */ + if (errno == EPERM) { + return; + } + + fuse_log(FUSE_LOG_ERR, "setrlimit(RLIMIT_NOFILE): %m\n"); + exit(1); + } +} + int main(int argc, char *argv[]) { struct fuse_args args = FUSE_ARGS_INIT(argc, argv); @@ -2371,6 +2401,8 @@ int main(int argc, char *argv[]) fuse_daemonize(opts.foreground); + setup_nofile_rlimit(); + /* Must be before sandbox since it wants /proc */ setup_capng();