1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
5 #include "alloc-util.h"
6 #include "extract-word.h"
8 #include "format-util.h"
10 #include "missing_resource.h"
11 #include "rlimit-util.h"
12 #include "string-table.h"
13 #include "time-util.h"
15 int setrlimit_closest(int resource
, const struct rlimit
*rlim
) {
16 struct rlimit highest
, fixed
;
20 if (setrlimit(resource
, rlim
) >= 0)
26 /* So we failed to set the desired setrlimit, then let's try
27 * to get as close as we can */
28 if (getrlimit(resource
, &highest
) < 0)
31 /* If the hard limit is unbounded anyway, then the EPERM had other reasons, let's propagate the original EPERM
33 if (highest
.rlim_max
== RLIM_INFINITY
)
36 fixed
= (struct rlimit
) {
37 .rlim_cur
= MIN(rlim
->rlim_cur
, highest
.rlim_max
),
38 .rlim_max
= MIN(rlim
->rlim_max
, highest
.rlim_max
),
41 /* Shortcut things if we wouldn't change anything. */
42 if (fixed
.rlim_cur
== highest
.rlim_cur
&&
43 fixed
.rlim_max
== highest
.rlim_max
)
46 if (setrlimit(resource
, &fixed
) < 0)
52 int setrlimit_closest_all(const struct rlimit
*const *rlim
, int *which_failed
) {
57 /* On failure returns the limit's index that failed in *which_failed, but only if non-NULL */
59 for (int i
= 0; i
< _RLIMIT_MAX
; i
++) {
63 r
= setrlimit_closest(i
, rlim
[i
]);
78 static int rlimit_parse_u64(const char *val
, rlim_t
*ret
) {
85 if (streq(val
, "infinity")) {
90 /* setrlimit(2) suggests rlim_t is always 64bit on Linux. */
91 assert_cc(sizeof(rlim_t
) == sizeof(uint64_t));
93 r
= safe_atou64(val
, &u
);
96 if (u
>= (uint64_t) RLIM_INFINITY
)
103 static int rlimit_parse_size(const char *val
, rlim_t
*ret
) {
110 if (streq(val
, "infinity")) {
111 *ret
= RLIM_INFINITY
;
115 r
= parse_size(val
, 1024, &u
);
118 if (u
>= (uint64_t) RLIM_INFINITY
)
125 static int rlimit_parse_sec(const char *val
, rlim_t
*ret
) {
133 if (streq(val
, "infinity")) {
134 *ret
= RLIM_INFINITY
;
138 r
= parse_sec(val
, &t
);
141 if (t
== USEC_INFINITY
) {
142 *ret
= RLIM_INFINITY
;
146 u
= (uint64_t) DIV_ROUND_UP(t
, USEC_PER_SEC
);
147 if (u
>= (uint64_t) RLIM_INFINITY
)
154 static int rlimit_parse_usec(const char *val
, rlim_t
*ret
) {
161 if (streq(val
, "infinity")) {
162 *ret
= RLIM_INFINITY
;
166 r
= parse_time(val
, &t
, 1);
169 if (t
== USEC_INFINITY
) {
170 *ret
= RLIM_INFINITY
;
178 static int rlimit_parse_nice(const char *val
, rlim_t
*ret
) {
182 /* So, Linux is weird. The range for RLIMIT_NICE is 40..1, mapping to the nice levels -20..19. However, the
183 * RLIMIT_NICE limit defaults to 0 by the kernel, i.e. a value that maps to nice level 20, which of course is
184 * bogus and does not exist. In order to permit parsing the RLIMIT_NICE of 0 here we hence implement a slight
185 * asymmetry: when parsing as positive nice level we permit 0..19. When parsing as negative nice level, we
186 * permit -20..0. But when parsing as raw resource limit value then we also allow the special value 0.
188 * Yeah, Linux is quality engineering sometimes... */
192 /* Prefixed with "+": Parse as positive user-friendly nice value */
193 r
= safe_atou64(val
+ 1, &rl
);
202 } else if (val
[0] == '-') {
204 /* Prefixed with "-": Parse as negative user-friendly nice value */
205 r
= safe_atou64(val
+ 1, &rl
);
209 if (rl
> (uint64_t) (-PRIO_MIN
))
215 /* Not prefixed: parse as raw resource limit value */
216 r
= safe_atou64(val
, &rl
);
220 if (rl
> (uint64_t) (20 - PRIO_MIN
))
228 static int (*const rlimit_parse_table
[_RLIMIT_MAX
])(const char *val
, rlim_t
*ret
) = {
229 [RLIMIT_CPU
] = rlimit_parse_sec
,
230 [RLIMIT_FSIZE
] = rlimit_parse_size
,
231 [RLIMIT_DATA
] = rlimit_parse_size
,
232 [RLIMIT_STACK
] = rlimit_parse_size
,
233 [RLIMIT_CORE
] = rlimit_parse_size
,
234 [RLIMIT_RSS
] = rlimit_parse_size
,
235 [RLIMIT_NOFILE
] = rlimit_parse_u64
,
236 [RLIMIT_AS
] = rlimit_parse_size
,
237 [RLIMIT_NPROC
] = rlimit_parse_u64
,
238 [RLIMIT_MEMLOCK
] = rlimit_parse_size
,
239 [RLIMIT_LOCKS
] = rlimit_parse_u64
,
240 [RLIMIT_SIGPENDING
] = rlimit_parse_u64
,
241 [RLIMIT_MSGQUEUE
] = rlimit_parse_size
,
242 [RLIMIT_NICE
] = rlimit_parse_nice
,
243 [RLIMIT_RTPRIO
] = rlimit_parse_u64
,
244 [RLIMIT_RTTIME
] = rlimit_parse_usec
,
247 int rlimit_parse_one(int resource
, const char *val
, rlim_t
*ret
) {
253 if (resource
>= _RLIMIT_MAX
)
256 return rlimit_parse_table
[resource
](val
, ret
);
259 int rlimit_parse(int resource
, const char *val
, struct rlimit
*ret
) {
260 _cleanup_free_
char *hard
= NULL
, *soft
= NULL
;
267 r
= extract_first_word(&val
, &soft
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
273 r
= rlimit_parse_one(resource
, soft
, &sl
);
277 r
= extract_first_word(&val
, &hard
, ":", EXTRACT_DONT_COALESCE_SEPARATORS
);
285 r
= rlimit_parse_one(resource
, hard
, &hl
);
292 *ret
= (struct rlimit
) {
300 int rlimit_format(const struct rlimit
*rl
, char **ret
) {
306 if (rl
->rlim_cur
>= RLIM_INFINITY
&& rl
->rlim_max
>= RLIM_INFINITY
)
307 s
= strdup("infinity");
308 else if (rl
->rlim_cur
>= RLIM_INFINITY
)
309 (void) asprintf(&s
, "infinity:" RLIM_FMT
, rl
->rlim_max
);
310 else if (rl
->rlim_max
>= RLIM_INFINITY
)
311 (void) asprintf(&s
, RLIM_FMT
":infinity", rl
->rlim_cur
);
312 else if (rl
->rlim_cur
== rl
->rlim_max
)
313 (void) asprintf(&s
, RLIM_FMT
, rl
->rlim_cur
);
315 (void) asprintf(&s
, RLIM_FMT
":" RLIM_FMT
, rl
->rlim_cur
, rl
->rlim_max
);
324 static const char* const rlimit_table
[_RLIMIT_MAX
] = {
326 [RLIMIT_CORE
] = "CORE",
327 [RLIMIT_CPU
] = "CPU",
328 [RLIMIT_DATA
] = "DATA",
329 [RLIMIT_FSIZE
] = "FSIZE",
330 [RLIMIT_LOCKS
] = "LOCKS",
331 [RLIMIT_MEMLOCK
] = "MEMLOCK",
332 [RLIMIT_MSGQUEUE
] = "MSGQUEUE",
333 [RLIMIT_NICE
] = "NICE",
334 [RLIMIT_NOFILE
] = "NOFILE",
335 [RLIMIT_NPROC
] = "NPROC",
336 [RLIMIT_RSS
] = "RSS",
337 [RLIMIT_RTPRIO
] = "RTPRIO",
338 [RLIMIT_RTTIME
] = "RTTIME",
339 [RLIMIT_SIGPENDING
] = "SIGPENDING",
340 [RLIMIT_STACK
] = "STACK",
343 DEFINE_STRING_TABLE_LOOKUP(rlimit
, int);
345 int rlimit_from_string_harder(const char *s
) {
348 /* The official prefix */
349 suffix
= startswith(s
, "RLIMIT_");
351 return rlimit_from_string(suffix
);
353 /* Our own unit file setting prefix */
354 suffix
= startswith(s
, "Limit");
356 return rlimit_from_string(suffix
);
358 return rlimit_from_string(s
);
361 void rlimit_free_all(struct rlimit
**rl
) {
367 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
368 rl
[i
] = mfree(rl
[i
]);
371 int rlimit_nofile_bump(int limit
) {
374 /* Bumps the (soft) RLIMIT_NOFILE resource limit as close as possible to the specified limit. If a negative
375 * limit is specified, bumps it to the maximum the kernel and the hard resource limit allows. This call should
376 * be used by all our programs that might need a lot of fds, and that know how to deal with high fd numbers
377 * (i.e. do not use select() — which chokes on fds >= 1024) */
380 limit
= read_nr_open();
385 r
= setrlimit_closest(RLIMIT_NOFILE
, &RLIMIT_MAKE_CONST(limit
));
387 return log_debug_errno(r
, "Failed to set RLIMIT_NOFILE: %m");
392 int rlimit_nofile_safe(void) {
395 /* Resets RLIMIT_NOFILE's soft limit FD_SETSIZE (i.e. 1024), for compatibility with software still using
398 if (getrlimit(RLIMIT_NOFILE
, &rl
) < 0)
399 return log_debug_errno(errno
, "Failed to query RLIMIT_NOFILE: %m");
401 if (rl
.rlim_cur
<= FD_SETSIZE
)
404 rl
.rlim_cur
= FD_SETSIZE
;
405 if (setrlimit(RLIMIT_NOFILE
, &rl
) < 0)
406 return log_debug_errno(errno
, "Failed to lower RLIMIT_NOFILE's soft limit to " RLIM_FMT
": %m", rl
.rlim_cur
);