[thirdparty/systemd.git] / src / basic / rlimit-util.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <errno.h>

#include "alloc-util.h"
#include "errno-util.h"
#include "extract-word.h"
#include "fd-util.h"
#include "format-util.h"
#include "macro.h"
#include "missing_resource.h"
#include "rlimit-util.h"
#include "string-table.h"
#include "time-util.h"

int setrlimit_closest(int resource, const struct rlimit *rlim) {
        struct rlimit highest, fixed;

        assert(rlim);

        if (setrlimit(resource, rlim) >= 0)
                return 0;

        if (errno != EPERM)
                return -errno;

        /* So we failed to set the desired setrlimit, then let's try
         * to get as close as we can */
        if (getrlimit(resource, &highest) < 0)
                return -errno;

        /* If the hard limit is unbounded anyway, then the EPERM had other reasons, let's propagate the original EPERM
         * then */
        if (highest.rlim_max == RLIM_INFINITY)
                return -EPERM;

        fixed = (struct rlimit) {
                .rlim_cur = MIN(rlim->rlim_cur, highest.rlim_max),
                .rlim_max = MIN(rlim->rlim_max, highest.rlim_max),
        };

        /* Shortcut things if we wouldn't change anything. */
        if (fixed.rlim_cur == highest.rlim_cur &&
            fixed.rlim_max == highest.rlim_max)
                return 0;

        log_debug("Failed at setting rlimit " RLIM_FMT " for resource RLIMIT_%s. Will attempt setting value " RLIM_FMT " instead.", rlim->rlim_max, rlimit_to_string(resource), fixed.rlim_max);

        return RET_NERRNO(setrlimit(resource, &fixed));
}

int setrlimit_closest_all(const struct rlimit *const *rlim, int *which_failed) {
        int r;

        assert(rlim);

        /* On failure returns the limit's index that failed in *which_failed, but only if non-NULL */

        for (int i = 0; i < _RLIMIT_MAX; i++) {
                if (!rlim[i])
                        continue;

                r = setrlimit_closest(i, rlim[i]);
                if (r < 0) {
                        if (which_failed)
                                *which_failed = i;

                        return r;
                }
        }

        if (which_failed)
                *which_failed = -1;

        return 0;
}

static int rlimit_parse_u64(const char *val, rlim_t *ret) {
        uint64_t u;
        int r;

        assert(val);
        assert(ret);

        if (streq(val, "infinity")) {
                *ret = RLIM_INFINITY;
                return 0;
        }

        /* setrlimit(2) suggests rlim_t is always 64bit on Linux. */
        assert_cc(sizeof(rlim_t) == sizeof(uint64_t));

        r = safe_atou64(val, &u);
        if (r < 0)
                return r;
        if (u >= (uint64_t) RLIM_INFINITY)
                return -ERANGE;

        *ret = (rlim_t) u;
        return 0;
}

static int rlimit_parse_size(const char *val, rlim_t *ret) {
        uint64_t u;
        int r;

        assert(val);
        assert(ret);

        if (streq(val, "infinity")) {
                *ret = RLIM_INFINITY;
                return 0;
        }

        r = parse_size(val, 1024, &u);
        if (r < 0)
                return r;
        if (u >= (uint64_t) RLIM_INFINITY)
                return -ERANGE;

        *ret = (rlim_t) u;
        return 0;
}

static int rlimit_parse_sec(const char *val, rlim_t *ret) {
        uint64_t u;
        usec_t t;
        int r;

        assert(val);
        assert(ret);

        if (streq(val, "infinity")) {
                *ret = RLIM_INFINITY;
                return 0;
        }

        r = parse_sec(val, &t);
        if (r < 0)
                return r;
        if (t == USEC_INFINITY) {
                *ret = RLIM_INFINITY;
                return 0;
        }

        u = (uint64_t) DIV_ROUND_UP(t, USEC_PER_SEC);
        if (u >= (uint64_t) RLIM_INFINITY)
                return -ERANGE;

        *ret = (rlim_t) u;
        return 0;
}

static int rlimit_parse_usec(const char *val, rlim_t *ret) {
        usec_t t;
        int r;

        assert(val);
        assert(ret);

        if (streq(val, "infinity")) {
                *ret = RLIM_INFINITY;
                return 0;
        }

        r = parse_time(val, &t, 1);
        if (r < 0)
                return r;
        if (t == USEC_INFINITY) {
                *ret = RLIM_INFINITY;
                return 0;
        }

        *ret = (rlim_t) t;
        return 0;
}

static int rlimit_parse_nice(const char *val, rlim_t *ret) {
        uint64_t rl;
        int r;

        /* So, Linux is weird. The range for RLIMIT_NICE is 40..1, mapping to the nice levels -20..19. However, the
         * RLIMIT_NICE limit defaults to 0 by the kernel, i.e. a value that maps to nice level 20, which of course is
         * bogus and does not exist. In order to permit parsing the RLIMIT_NICE of 0 here we hence implement a slight
         * asymmetry: when parsing as positive nice level we permit 0..19. When parsing as negative nice level, we
         * permit -20..0. But when parsing as raw resource limit value then we also allow the special value 0.
         *
         * Yeah, Linux is quality engineering sometimes... */

        if (val[0] == '+') {

                /* Prefixed with "+": Parse as positive user-friendly nice value */
                r = safe_atou64(val + 1, &rl);
                if (r < 0)
                        return r;

                if (rl >= PRIO_MAX)
                        return -ERANGE;

                rl = 20 - rl;

        } else if (val[0] == '-') {

                /* Prefixed with "-": Parse as negative user-friendly nice value */
                r = safe_atou64(val + 1, &rl);
                if (r < 0)
                        return r;

                if (rl > (uint64_t) (-PRIO_MIN))
                        return -ERANGE;

                rl = 20 + rl;
        } else {

                /* Not prefixed: parse as raw resource limit value */
                r = safe_atou64(val, &rl);
                if (r < 0)
                        return r;

                if (rl > (uint64_t) (20 - PRIO_MIN))
                        return -ERANGE;
        }

        *ret = (rlim_t) rl;
        return 0;
}

static int (*const rlimit_parse_table[_RLIMIT_MAX])(const char *val, rlim_t *ret) = {
        [RLIMIT_CPU] = rlimit_parse_sec,
        [RLIMIT_FSIZE] = rlimit_parse_size,
        [RLIMIT_DATA] = rlimit_parse_size,
        [RLIMIT_STACK] = rlimit_parse_size,
        [RLIMIT_CORE] = rlimit_parse_size,
        [RLIMIT_RSS] = rlimit_parse_size,
        [RLIMIT_NOFILE] = rlimit_parse_u64,
        [RLIMIT_AS] = rlimit_parse_size,
        [RLIMIT_NPROC] = rlimit_parse_u64,
        [RLIMIT_MEMLOCK] = rlimit_parse_size,
        [RLIMIT_LOCKS] = rlimit_parse_u64,
        [RLIMIT_SIGPENDING] = rlimit_parse_u64,
        [RLIMIT_MSGQUEUE] = rlimit_parse_size,
        [RLIMIT_NICE] = rlimit_parse_nice,
        [RLIMIT_RTPRIO] = rlimit_parse_u64,
        [RLIMIT_RTTIME] = rlimit_parse_usec,
};

int rlimit_parse_one(int resource, const char *val, rlim_t *ret) {
        assert(val);
        assert(ret);

        if (resource < 0)
                return -EINVAL;
        if (resource >= _RLIMIT_MAX)
                return -EINVAL;

        return rlimit_parse_table[resource](val, ret);
}

int rlimit_parse(int resource, const char *val, struct rlimit *ret) {
        _cleanup_free_ char *hard = NULL, *soft = NULL;
        rlim_t hl, sl;
        int r;

        assert(val);
        assert(ret);

        r = extract_first_word(&val, &soft, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
        if (r < 0)
                return r;
        if (r == 0)
                return -EINVAL;

        r = rlimit_parse_one(resource, soft, &sl);
        if (r < 0)
                return r;

        r = extract_first_word(&val, &hard, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
        if (r < 0)
                return r;
        if (!isempty(val))
                return -EINVAL;
        if (r == 0)
                hl = sl;
        else {
                r = rlimit_parse_one(resource, hard, &hl);
                if (r < 0)
                        return r;
                if (sl > hl)
                        return -EILSEQ;
        }

        *ret = (struct rlimit) {
                .rlim_cur = sl,
                .rlim_max = hl,
        };

        return 0;
}

int rlimit_format(const struct rlimit *rl, char **ret) {
        _cleanup_free_ char *s = NULL;
        int r;

        assert(rl);
        assert(ret);

        if (rl->rlim_cur >= RLIM_INFINITY && rl->rlim_max >= RLIM_INFINITY)
                r = free_and_strdup(&s, "infinity");
        else if (rl->rlim_cur >= RLIM_INFINITY)
                r = asprintf(&s, "infinity:" RLIM_FMT, rl->rlim_max);
        else if (rl->rlim_max >= RLIM_INFINITY)
                r = asprintf(&s, RLIM_FMT ":infinity", rl->rlim_cur);
        else if (rl->rlim_cur == rl->rlim_max)
                r = asprintf(&s, RLIM_FMT, rl->rlim_cur);
        else
                r = asprintf(&s, RLIM_FMT ":" RLIM_FMT, rl->rlim_cur, rl->rlim_max);
        if (r < 0)
                return -ENOMEM;

        *ret = TAKE_PTR(s);
        return 0;
}

static const char* const rlimit_table[_RLIMIT_MAX] = {
        [RLIMIT_AS]         = "AS",
        [RLIMIT_CORE]       = "CORE",
        [RLIMIT_CPU]        = "CPU",
        [RLIMIT_DATA]       = "DATA",
        [RLIMIT_FSIZE]      = "FSIZE",
        [RLIMIT_LOCKS]      = "LOCKS",
        [RLIMIT_MEMLOCK]    = "MEMLOCK",
        [RLIMIT_MSGQUEUE]   = "MSGQUEUE",
        [RLIMIT_NICE]       = "NICE",
        [RLIMIT_NOFILE]     = "NOFILE",
        [RLIMIT_NPROC]      = "NPROC",
        [RLIMIT_RSS]        = "RSS",
        [RLIMIT_RTPRIO]     = "RTPRIO",
        [RLIMIT_RTTIME]     = "RTTIME",
        [RLIMIT_SIGPENDING] = "SIGPENDING",
        [RLIMIT_STACK]      = "STACK",
};

DEFINE_STRING_TABLE_LOOKUP(rlimit, int);

int rlimit_from_string_harder(const char *s) {
        const char *suffix;

        /* The official prefix */
        suffix = startswith(s, "RLIMIT_");
        if (suffix)
                return rlimit_from_string(suffix);

        /* Our own unit file setting prefix */
        suffix = startswith(s, "Limit");
        if (suffix)
                return rlimit_from_string(suffix);

        return rlimit_from_string(s);
}

void rlimit_free_all(struct rlimit **rl) {
        int i;

        if (!rl)
                return;

        for (i = 0; i < _RLIMIT_MAX; i++)
                rl[i] = mfree(rl[i]);
}

int rlimit_nofile_bump(int limit) {
        int r;

        /* Bumps the (soft) RLIMIT_NOFILE resource limit as close as possible to the specified limit. If a negative
         * limit is specified, bumps it to the maximum the kernel and the hard resource limit allows. This call should
         * be used by all our programs that might need a lot of fds, and that know how to deal with high fd numbers
         * (i.e. do not use select() — which chokes on fds >= 1024) */

        if (limit < 0)
                limit = read_nr_open();

        if (limit < 3)
                limit = 3;

        r = setrlimit_closest(RLIMIT_NOFILE, &RLIMIT_MAKE_CONST(limit));
        if (r < 0)
                return log_debug_errno(r, "Failed to set RLIMIT_NOFILE: %m");

        return 0;
}

int rlimit_nofile_safe(void) {
        struct rlimit rl;

        /* Resets RLIMIT_NOFILE's soft limit FD_SETSIZE (i.e. 1024), for compatibility with software still using
         * select() */

        if (getrlimit(RLIMIT_NOFILE, &rl) < 0)
                return log_debug_errno(errno, "Failed to query RLIMIT_NOFILE: %m");

        if (rl.rlim_cur <= FD_SETSIZE)
                return 0;

        rl.rlim_cur = FD_SETSIZE;
        if (setrlimit(RLIMIT_NOFILE, &rl) < 0)
                return log_debug_errno(errno, "Failed to lower RLIMIT_NOFILE's soft limit to " RLIM_FMT ": %m", rl.rlim_cur);

        return 1;
}
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
78f22b97	2
11c3a366	3	#include <errno.h>
11c3a366	4
d0a7c5f6	5	#include "alloc-util.h"
7c248223	6	#include "errno-util.h"
d0a7c5f6	7	#include "extract-word.h"
99ab6fdf	8	#include "fd-util.h"
f97b34a6	9	#include "format-util.h"
93cc7779	10	#include "macro.h"
f5947a5e	11	#include "missing_resource.h"
78f22b97	12	#include "rlimit-util.h"
8b43440b	13	#include "string-table.h"
d0a7c5f6	14	#include "time-util.h"
78f22b97 LP	15
	16	int setrlimit_closest(int resource, const struct rlimit *rlim) {
	17	struct rlimit highest, fixed;
	18
	19	assert(rlim);
	20
	21	if (setrlimit(resource, rlim) >= 0)
	22	return 0;
	23
	24	if (errno != EPERM)
	25	return -errno;
	26
	27	/* So we failed to set the desired setrlimit, then let's try
	28	* to get as close as we can */
c4ad3f43 LP	29	if (getrlimit(resource, &highest) < 0)
c4ad3f43 LP	30	return -errno;
78f22b97	31
114c55f2 LP	32	/* If the hard limit is unbounded anyway, then the EPERM had other reasons, let's propagate the original EPERM
	33	* then */
	34	if (highest.rlim_max == RLIM_INFINITY)
	35	return -EPERM;
	36
0bbee2c2 LP	37	fixed = (struct rlimit) {
	38	.rlim_cur = MIN(rlim->rlim_cur, highest.rlim_max),
	39	.rlim_max = MIN(rlim->rlim_max, highest.rlim_max),
	40	};
	41
	42	/* Shortcut things if we wouldn't change anything. */
	43	if (fixed.rlim_cur == highest.rlim_cur &&
	44	fixed.rlim_max == highest.rlim_max)
	45	return 0;
78f22b97	46
1edebb0b PD	47	log_debug("Failed at setting rlimit " RLIM_FMT " for resource RLIMIT_%s. Will attempt setting value " RLIM_FMT " instead.", rlim->rlim_max, rlimit_to_string(resource), fixed.rlim_max);
1edebb0b PD	48
7c248223	49	return RET_NERRNO(setrlimit(resource, &fixed));
78f22b97 LP	50	}
78f22b97 LP	51
34a5df58	52	int setrlimit_closest_all(const struct rlimit const rlim, int *which_failed) {
fe96c0f8	53	int r;
34a5df58 LP	54
	55	assert(rlim);
	56
	57	/* On failure returns the limit's index that failed in which_failed, but only if non-NULL /
	58
fe96c0f8	59	for (int i = 0; i < _RLIMIT_MAX; i++) {
34a5df58 LP	60	if (!rlim[i])
	61	continue;
	62
	63	r = setrlimit_closest(i, rlim[i]);
	64	if (r < 0) {
	65	if (which_failed)
	66	*which_failed = i;
	67
	68	return r;
	69	}
	70	}
	71
	72	if (which_failed)
	73	*which_failed = -1;
	74
	75	return 0;
	76	}
	77
d0a7c5f6 LP	78	static int rlimit_parse_u64(const char val, rlim_t ret) {
	79	uint64_t u;
	80	int r;
	81
	82	assert(val);
	83	assert(ret);
	84
	85	if (streq(val, "infinity")) {
	86	*ret = RLIM_INFINITY;
	87	return 0;
	88	}
	89
	90	/* setrlimit(2) suggests rlim_t is always 64bit on Linux. */
	91	assert_cc(sizeof(rlim_t) == sizeof(uint64_t));
	92
	93	r = safe_atou64(val, &u);
	94	if (r < 0)
	95	return r;
	96	if (u >= (uint64_t) RLIM_INFINITY)
	97	return -ERANGE;
	98
	99	*ret = (rlim_t) u;
	100	return 0;
	101	}
	102
	103	static int rlimit_parse_size(const char val, rlim_t ret) {
	104	uint64_t u;
	105	int r;
	106
	107	assert(val);
	108	assert(ret);
	109
	110	if (streq(val, "infinity")) {
	111	*ret = RLIM_INFINITY;
	112	return 0;
	113	}
	114
	115	r = parse_size(val, 1024, &u);
	116	if (r < 0)
	117	return r;
	118	if (u >= (uint64_t) RLIM_INFINITY)
	119	return -ERANGE;
	120
	121	*ret = (rlim_t) u;
	122	return 0;
	123	}
	124
	125	static int rlimit_parse_sec(const char val, rlim_t ret) {
	126	uint64_t u;
	127	usec_t t;
	128	int r;
	129
	130	assert(val);
	131	assert(ret);
	132
	133	if (streq(val, "infinity")) {
	134	*ret = RLIM_INFINITY;
	135	return 0;
	136	}
	137
	138	r = parse_sec(val, &t);
	139	if (r < 0)
	140	return r;
	141	if (t == USEC_INFINITY) {
142	*ret = RLIM_INFINITY;
143	return 0;
144	}
145
146	u = (uint64_t) DIV_ROUND_UP(t, USEC_PER_SEC);
147	if (u >= (uint64_t) RLIM_INFINITY)
148	return -ERANGE;
149
150	*ret = (rlim_t) u;
151	return 0;
152	}
153
154	static int rlimit_parse_usec(const char val, rlim_t ret) {
155	usec_t t;
156	int r;
157
158	assert(val);
159	assert(ret);
160
161	if (streq(val, "infinity")) {
162	*ret = RLIM_INFINITY;
163	return 0;
164	}
165
166	r = parse_time(val, &t, 1);
167	if (r < 0)
168	return r;
169	if (t == USEC_INFINITY) {
170	*ret = RLIM_INFINITY;
171	return 0;
172	}
173
174	*ret = (rlim_t) t;
175	return 0;
176	}
177
29857001 LP	178	static int rlimit_parse_nice(const char val, rlim_t ret) {
	179	uint64_t rl;
	180	int r;
	181
	182	/* So, Linux is weird. The range for RLIMIT_NICE is 40..1, mapping to the nice levels -20..19. However, the
	183	* RLIMIT_NICE limit defaults to 0 by the kernel, i.e. a value that maps to nice level 20, which of course is
	184	* bogus and does not exist. In order to permit parsing the RLIMIT_NICE of 0 here we hence implement a slight
	185	* asymmetry: when parsing as positive nice level we permit 0..19. When parsing as negative nice level, we
	186	* permit -20..0. But when parsing as raw resource limit value then we also allow the special value 0.
	187	*
	188	* Yeah, Linux is quality engineering sometimes... */
	189
	190	if (val[0] == '+') {
	191
	192	/* Prefixed with "+": Parse as positive user-friendly nice value */
	193	r = safe_atou64(val + 1, &rl);
	194	if (r < 0)
	195	return r;
	196
	197	if (rl >= PRIO_MAX)
	198	return -ERANGE;
	199
	200	rl = 20 - rl;
	201
	202	} else if (val[0] == '-') {
	203
	204	/* Prefixed with "-": Parse as negative user-friendly nice value */
	205	r = safe_atou64(val + 1, &rl);
	206	if (r < 0)
	207	return r;
	208
	209	if (rl > (uint64_t) (-PRIO_MIN))
	210	return -ERANGE;
	211
	212	rl = 20 + rl;
	213	} else {
	214
	215	/* Not prefixed: parse as raw resource limit value */
	216	r = safe_atou64(val, &rl);
	217	if (r < 0)
	218	return r;
	219
	220	if (rl > (uint64_t) (20 - PRIO_MIN))
	221	return -ERANGE;
	222	}
	223
	224	*ret = (rlim_t) rl;
	225	return 0;
	226	}
	227
d0a7c5f6 LP	228	static int (const rlimit_parse_table[_RLIMIT_MAX])(const char val, rlim_t *ret) = {
	229	[RLIMIT_CPU] = rlimit_parse_sec,
	230	[RLIMIT_FSIZE] = rlimit_parse_size,
	231	[RLIMIT_DATA] = rlimit_parse_size,
	232	[RLIMIT_STACK] = rlimit_parse_size,
	233	[RLIMIT_CORE] = rlimit_parse_size,
	234	[RLIMIT_RSS] = rlimit_parse_size,
	235	[RLIMIT_NOFILE] = rlimit_parse_u64,
	236	[RLIMIT_AS] = rlimit_parse_size,
	237	[RLIMIT_NPROC] = rlimit_parse_u64,
	238	[RLIMIT_MEMLOCK] = rlimit_parse_size,
	239	[RLIMIT_LOCKS] = rlimit_parse_u64,
	240	[RLIMIT_SIGPENDING] = rlimit_parse_u64,
	241	[RLIMIT_MSGQUEUE] = rlimit_parse_size,
29857001	242	[RLIMIT_NICE] = rlimit_parse_nice,
d0a7c5f6 LP	243	[RLIMIT_RTPRIO] = rlimit_parse_u64,
	244	[RLIMIT_RTTIME] = rlimit_parse_usec,
	245	};
	246
	247	int rlimit_parse_one(int resource, const char val, rlim_t ret) {
	248	assert(val);
	249	assert(ret);
	250
	251	if (resource < 0)
	252	return -EINVAL;
	253	if (resource >= _RLIMIT_MAX)
	254	return -EINVAL;
	255
	256	return rlimit_parse_table[resource](val, ret);
	257	}
	258
	259	int rlimit_parse(int resource, const char val, struct rlimit ret) {
	260	_cleanup_free_ char hard = NULL, soft = NULL;
	261	rlim_t hl, sl;
	262	int r;
	263
	264	assert(val);
	265	assert(ret);
	266
	267	r = extract_first_word(&val, &soft, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
	268	if (r < 0)
	269	return r;
	270	if (r == 0)
	271	return -EINVAL;
	272
	273	r = rlimit_parse_one(resource, soft, &sl);
	274	if (r < 0)
	275	return r;
	276
	277	r = extract_first_word(&val, &hard, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
	278	if (r < 0)
	279	return r;
	280	if (!isempty(val))
	281	return -EINVAL;
	282	if (r == 0)
	283	hl = sl;
	284	else {
	285	r = rlimit_parse_one(resource, hard, &hl);
	286	if (r < 0)
	287	return r;
	288	if (sl > hl)
	289	return -EILSEQ;
	290	}
	291
	292	*ret = (struct rlimit) {
	293	.rlim_cur = sl,
	294	.rlim_max = hl,
	295	};
	296
	297	return 0;
	298	}
	299
99d4f5e5	300	int rlimit_format(const struct rlimit rl, char *ret) {
12619d0a ZJS	301	_cleanup_free_ char *s = NULL;
12619d0a ZJS	302	int r;
99d4f5e5 LP	303
	304	assert(rl);
	305	assert(ret);
	306
	307	if (rl->rlim_cur >= RLIM_INFINITY && rl->rlim_max >= RLIM_INFINITY)
12619d0a	308	r = free_and_strdup(&s, "infinity");
99d4f5e5	309	else if (rl->rlim_cur >= RLIM_INFINITY)
12619d0a	310	r = asprintf(&s, "infinity:" RLIM_FMT, rl->rlim_max);
99d4f5e5	311	else if (rl->rlim_max >= RLIM_INFINITY)
12619d0a	312	r = asprintf(&s, RLIM_FMT ":infinity", rl->rlim_cur);
99d4f5e5	313	else if (rl->rlim_cur == rl->rlim_max)
12619d0a	314	r = asprintf(&s, RLIM_FMT, rl->rlim_cur);
99d4f5e5	315	else
12619d0a ZJS	316	r = asprintf(&s, RLIM_FMT ":" RLIM_FMT, rl->rlim_cur, rl->rlim_max);
12619d0a ZJS	317	if (r < 0)
99d4f5e5 LP	318	return -ENOMEM;
99d4f5e5 LP	319
12619d0a	320	*ret = TAKE_PTR(s);
99d4f5e5 LP	321	return 0;
	322	}
	323
78f22b97	324	static const char* const rlimit_table[_RLIMIT_MAX] = {
6550c24c LP	325	[RLIMIT_AS] = "AS",
	326	[RLIMIT_CORE] = "CORE",
	327	[RLIMIT_CPU] = "CPU",
	328	[RLIMIT_DATA] = "DATA",
	329	[RLIMIT_FSIZE] = "FSIZE",
	330	[RLIMIT_LOCKS] = "LOCKS",
	331	[RLIMIT_MEMLOCK] = "MEMLOCK",
	332	[RLIMIT_MSGQUEUE] = "MSGQUEUE",
	333	[RLIMIT_NICE] = "NICE",
	334	[RLIMIT_NOFILE] = "NOFILE",
	335	[RLIMIT_NPROC] = "NPROC",
	336	[RLIMIT_RSS] = "RSS",
	337	[RLIMIT_RTPRIO] = "RTPRIO",
	338	[RLIMIT_RTTIME] = "RTTIME",
	339	[RLIMIT_SIGPENDING] = "SIGPENDING",
	340	[RLIMIT_STACK] = "STACK",
78f22b97 LP	341	};
	342
	343	DEFINE_STRING_TABLE_LOOKUP(rlimit, int);
6550c24c LP	344
	345	int rlimit_from_string_harder(const char *s) {
	346	const char *suffix;
	347
	348	/* The official prefix */
	349	suffix = startswith(s, "RLIMIT_");
	350	if (suffix)
	351	return rlimit_from_string(suffix);
	352
	353	/* Our own unit file setting prefix */
	354	suffix = startswith(s, "Limit");
	355	if (suffix)
	356	return rlimit_from_string(suffix);
	357
	358	return rlimit_from_string(s);
	359	}
31ce987c LP	360
	361	void rlimit_free_all(struct rlimit **rl) {
	362	int i;
	363
	364	if (!rl)
	365	return;
	366
	367	for (i = 0; i < _RLIMIT_MAX; i++)
	368	rl[i] = mfree(rl[i]);
	369	}
99ab6fdf LP	370
	371	int rlimit_nofile_bump(int limit) {
	372	int r;
	373
	374	/* Bumps the (soft) RLIMIT_NOFILE resource limit as close as possible to the specified limit. If a negative
	375	* limit is specified, bumps it to the maximum the kernel and the hard resource limit allows. This call should
	376	* be used by all our programs that might need a lot of fds, and that know how to deal with high fd numbers
	377	* (i.e. do not use select() — which chokes on fds >= 1024) */
	378
	379	if (limit < 0)
	380	limit = read_nr_open();
	381
	382	if (limit < 3)
	383	limit = 3;
	384
	385	r = setrlimit_closest(RLIMIT_NOFILE, &RLIMIT_MAKE_CONST(limit));
	386	if (r < 0)
	387	return log_debug_errno(r, "Failed to set RLIMIT_NOFILE: %m");
	388
	389	return 0;
	390	}
1300f911 LP	391
	392	int rlimit_nofile_safe(void) {
	393	struct rlimit rl;
	394
	395	/* Resets RLIMIT_NOFILE's soft limit FD_SETSIZE (i.e. 1024), for compatibility with software still using
	396	* select() */
	397
	398	if (getrlimit(RLIMIT_NOFILE, &rl) < 0)
	399	return log_debug_errno(errno, "Failed to query RLIMIT_NOFILE: %m");
	400
	401	if (rl.rlim_cur <= FD_SETSIZE)
	402	return 0;
	403
	404	rl.rlim_cur = FD_SETSIZE;
	405	if (setrlimit(RLIMIT_NOFILE, &rl) < 0)
	406	return log_debug_errno(errno, "Failed to lower RLIMIT_NOFILE's soft limit to " RLIM_FMT ": %m", rl.rlim_cur);
	407
	408	return 1;
	409	}