1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
5 #include "alloc-util.h"
6 #include "extract-word.h"
8 #include "format-util.h"
10 #include "missing_resource.h"
11 #include "rlimit-util.h"
12 #include "string-table.h"
13 #include "time-util.h"
15 int setrlimit_closest(int resource
, const struct rlimit
*rlim
) {
16 struct rlimit highest
, fixed
;
20 if (setrlimit(resource
, rlim
) >= 0)
26 /* So we failed to set the desired setrlimit, then let's try
27 * to get as close as we can */
28 if (getrlimit(resource
, &highest
) < 0)
31 /* If the hard limit is unbounded anyway, then the EPERM had other reasons, let's propagate the original EPERM
33 if (highest
.rlim_max
== RLIM_INFINITY
)
36 fixed
= (struct rlimit
) {
37 .rlim_cur
= MIN(rlim
->rlim_cur
, highest
.rlim_max
),
38 .rlim_max
= MIN(rlim
->rlim_max
, highest
.rlim_max
),
41 /* Shortcut things if we wouldn't change anything. */
42 if (fixed
.rlim_cur
== highest
.rlim_cur
&&
43 fixed
.rlim_max
== highest
.rlim_max
)
46 log_debug("Failed at setting rlimit " RLIM_FMT
" for resource RLIMIT_%s. Will attempt setting value " RLIM_FMT
" instead.", rlim
->rlim_max
, rlimit_to_string(resource
), fixed
.rlim_max
);
48 if (setrlimit(resource
, &fixed
) < 0)
54 int setrlimit_closest_all(const struct rlimit
*const *rlim
, int *which_failed
) {
59 /* On failure returns the limit's index that failed in *which_failed, but only if non-NULL */
61 for (int i
= 0; i
< _RLIMIT_MAX
; i
++) {
65 r
= setrlimit_closest(i
, rlim
[i
]);
80 static int rlimit_parse_u64(const char *val
, rlim_t
*ret
) {
87 if (streq(val
, "infinity")) {
92 /* setrlimit(2) suggests rlim_t is always 64bit on Linux. */
93 assert_cc(sizeof(rlim_t
) == sizeof(uint64_t));
95 r
= safe_atou64(val
, &u
);
98 if (u
>= (uint64_t) RLIM_INFINITY
)
105 static int rlimit_parse_size(const char *val
, rlim_t
*ret
) {
112 if (streq(val
, "infinity")) {
113 *ret
= RLIM_INFINITY
;
117 r
= parse_size(val
, 1024, &u
);
120 if (u
>= (uint64_t) RLIM_INFINITY
)
127 static int rlimit_parse_sec(const char *val
, rlim_t
*ret
) {
135 if (streq(val
, "infinity")) {
136 *ret
= RLIM_INFINITY
;
140 r
= parse_sec(val
, &t
);
143 if (t
== USEC_INFINITY
) {
144 *ret
= RLIM_INFINITY
;
148 u
= (uint64_t) DIV_ROUND_UP(t
, USEC_PER_SEC
);
149 if (u
>= (uint64_t) RLIM_INFINITY
)
156 static int rlimit_parse_usec(const char *val
, rlim_t
*ret
) {
163 if (streq(val
, "infinity")) {
164 *ret
= RLIM_INFINITY
;
168 r
= parse_time(val
, &t
, 1);
171 if (t
== USEC_INFINITY
) {
172 *ret
= RLIM_INFINITY
;
180 static int rlimit_parse_nice(const char *val
, rlim_t
*ret
) {
184 /* So, Linux is weird. The range for RLIMIT_NICE is 40..1, mapping to the nice levels -20..19. However, the
185 * RLIMIT_NICE limit defaults to 0 by the kernel, i.e. a value that maps to nice level 20, which of course is
186 * bogus and does not exist. In order to permit parsing the RLIMIT_NICE of 0 here we hence implement a slight
187 * asymmetry: when parsing as positive nice level we permit 0..19. When parsing as negative nice level, we
188 * permit -20..0. But when parsing as raw resource limit value then we also allow the special value 0.
190 * Yeah, Linux is quality engineering sometimes... */
194 /* Prefixed with "+": Parse as positive user-friendly nice value */
195 r
= safe_atou64(val
+ 1, &rl
);
204 } else if (val
[0] == '-') {
206 /* Prefixed with "-": Parse as negative user-friendly nice value */
207 r
= safe_atou64(val
+ 1, &rl
);
211 if (rl
> (uint64_t) (-PRIO_MIN
))
217 /* Not prefixed: parse as raw resource limit value */
218 r
= safe_atou64(val
, &rl
);
222 if (rl
> (uint64_t) (20 - PRIO_MIN
))
230 static int (*const rlimit_parse_table
[_RLIMIT_MAX
])(const char *val
, rlim_t
*ret
) = {
231 [RLIMIT_CPU
] = rlimit_parse_sec
,
232 [RLIMIT_FSIZE
] = rlimit_parse_size
,
233 [RLIMIT_DATA
] = rlimit_parse_size
,
234 [RLIMIT_STACK
] = rlimit_parse_size
,
235 [RLIMIT_CORE
] = rlimit_parse_size
,
236 [RLIMIT_RSS
] = rlimit_parse_size
,
237 [RLIMIT_NOFILE
] = rlimit_parse_u64
,
238 [RLIMIT_AS
] = rlimit_parse_size
,
239 [RLIMIT_NPROC
] = rlimit_parse_u64
,
240 [RLIMIT_MEMLOCK
] = rlimit_parse_size
,
241 [RLIMIT_LOCKS
] = rlimit_parse_u64
,
242 [RLIMIT_SIGPENDING
] = rlimit_parse_u64
,
243 [RLIMIT_MSGQUEUE
] = rlimit_parse_size
,
244 [RLIMIT_NICE
] = rlimit_parse_nice
,
245 [RLIMIT_RTPRIO
] = rlimit_parse_u64
,
246 [RLIMIT_RTTIME
] = rlimit_parse_usec
,
249 int rlimit_parse_one(int resource
, const char *val
, rlim_t
*ret
) {
255 if (resource
>= _RLIMIT_MAX
)
258 return rlimit_parse_table
[resource
](val
, ret
);
261 int rlimit_parse(int resource
, const char *val
, struct rlimit
*ret
) {
262 _cleanup_free_
char *hard
= NULL
, *soft
= NULL
;
269 r
= extract_first_word(&val
, &soft
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
275 r
= rlimit_parse_one(resource
, soft
, &sl
);
279 r
= extract_first_word(&val
, &hard
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
287 r
= rlimit_parse_one(resource
, hard
, &hl
);
294 *ret
= (struct rlimit
) {
302 int rlimit_format(const struct rlimit
*rl
, char **ret
) {
308 if (rl
->rlim_cur
>= RLIM_INFINITY
&& rl
->rlim_max
>= RLIM_INFINITY
)
309 s
= strdup("infinity");
310 else if (rl
->rlim_cur
>= RLIM_INFINITY
)
311 (void) asprintf(&s
, "infinity:" RLIM_FMT
, rl
->rlim_max
);
312 else if (rl
->rlim_max
>= RLIM_INFINITY
)
313 (void) asprintf(&s
, RLIM_FMT
":infinity", rl
->rlim_cur
);
314 else if (rl
->rlim_cur
== rl
->rlim_max
)
315 (void) asprintf(&s
, RLIM_FMT
, rl
->rlim_cur
);
317 (void) asprintf(&s
, RLIM_FMT
":" RLIM_FMT
, rl
->rlim_cur
, rl
->rlim_max
);
326 static const char* const rlimit_table
[_RLIMIT_MAX
] = {
328 [RLIMIT_CORE
] = "CORE",
329 [RLIMIT_CPU
] = "CPU",
330 [RLIMIT_DATA
] = "DATA",
331 [RLIMIT_FSIZE
] = "FSIZE",
332 [RLIMIT_LOCKS
] = "LOCKS",
333 [RLIMIT_MEMLOCK
] = "MEMLOCK",
334 [RLIMIT_MSGQUEUE
] = "MSGQUEUE",
335 [RLIMIT_NICE
] = "NICE",
336 [RLIMIT_NOFILE
] = "NOFILE",
337 [RLIMIT_NPROC
] = "NPROC",
338 [RLIMIT_RSS
] = "RSS",
339 [RLIMIT_RTPRIO
] = "RTPRIO",
340 [RLIMIT_RTTIME
] = "RTTIME",
341 [RLIMIT_SIGPENDING
] = "SIGPENDING",
342 [RLIMIT_STACK
] = "STACK",
345 DEFINE_STRING_TABLE_LOOKUP(rlimit
, int);
347 int rlimit_from_string_harder(const char *s
) {
350 /* The official prefix */
351 suffix
= startswith(s
, "RLIMIT_");
353 return rlimit_from_string(suffix
);
355 /* Our own unit file setting prefix */
356 suffix
= startswith(s
, "Limit");
358 return rlimit_from_string(suffix
);
360 return rlimit_from_string(s
);
363 void rlimit_free_all(struct rlimit
**rl
) {
369 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
370 rl
[i
] = mfree(rl
[i
]);
373 int rlimit_nofile_bump(int limit
) {
376 /* Bumps the (soft) RLIMIT_NOFILE resource limit as close as possible to the specified limit. If a negative
377 * limit is specified, bumps it to the maximum the kernel and the hard resource limit allows. This call should
378 * be used by all our programs that might need a lot of fds, and that know how to deal with high fd numbers
379 * (i.e. do not use select() — which chokes on fds >= 1024) */
382 limit
= read_nr_open();
387 r
= setrlimit_closest(RLIMIT_NOFILE
, &RLIMIT_MAKE_CONST(limit
));
389 return log_debug_errno(r
, "Failed to set RLIMIT_NOFILE: %m");
394 int rlimit_nofile_safe(void) {
397 /* Resets RLIMIT_NOFILE's soft limit FD_SETSIZE (i.e. 1024), for compatibility with software still using
400 if (getrlimit(RLIMIT_NOFILE
, &rl
) < 0)
401 return log_debug_errno(errno
, "Failed to query RLIMIT_NOFILE: %m");
403 if (rl
.rlim_cur
<= FD_SETSIZE
)
406 rl
.rlim_cur
= FD_SETSIZE
;
407 if (setrlimit(RLIMIT_NOFILE
, &rl
) < 0)
408 return log_debug_errno(errno
, "Failed to lower RLIMIT_NOFILE's soft limit to " RLIM_FMT
": %m", rl
.rlim_cur
);