صفحهٔ اصلی گشت‌و‌گذار راهنما
ثبت نام ورود
phyus
/
linux-vybrid_public
8
0
انشعاب 0
پرونده‌ها مشکلات 0 درخواست واکشی 0 ویکی
فهرست منبع

rlimit: permit setting RLIMIT_NOFILE to RLIM_INFINITY

When a process wants to set the limit of open files to RLIM_INFINITY it
gets EPERM even if it has CAP_SYS_RESOURCE capability.

For example, BIND does:

...
#elif defined(NR_OPEN) && defined(__linux__)
        /*
         * Some Linux kernels don't accept RLIM_INFINIT; the maximum
         * possible value is the NR_OPEN defined in linux/fs.h.
         */
        if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) {
                rl.rlim_cur = rl.rlim_max = NR_OPEN;
                unixresult = setrlimit(unixresource, &rl);
                if (unixresult == 0)
                        return (ISC_R_SUCCESS);
        }
#elif ...

If we allow setting RLIMIT_NOFILE to RLIM_INFINITY we increase portability
- you don't have to check if OS is linux and then use different schema for
limits.

The spec says "Specifying RLIM_INFINITY as any resource limit value on a
successful call to setrlimit() shall inhibit enforcement of that resource
limit." and we're presently not doing that.

Cc: Michael Kerrisk <mtk.manpages@googlemail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Adam Tkac 16 سال پیش
والد
b4236f81f2
کامیت
0c2d64fb6c
1فایلهای تغییر یافته به همراه12 افزوده شده و 4 حذف شده
نمای یکپارچه نمایش آمار تفاوت ها
  1. 12 4
      kernel/sys.c

+ 12 - 4
kernel/sys.c
مشاهده فایل 

@@ -1450,14 +1450,22 @@ asmlinkage long sys_setrlimit(unsigned int resource, struct rlimit __user *rlim)
 
 		return -EINVAL;
 
 		return -EINVAL;
 
 	if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
 
 	if (copy_from_user(&new_rlim, rlim, sizeof(*rlim)))
 
 		return -EFAULT;
 
 		return -EFAULT;
 
-	if (new_rlim.rlim_cur > new_rlim.rlim_max)
 
-		return -EINVAL;
 
 	old_rlim = current->signal->rlim + resource;
 
 	old_rlim = current->signal->rlim + resource;
 
 	if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
 
 	if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
 
 	    !capable(CAP_SYS_RESOURCE))
 
 	    !capable(CAP_SYS_RESOURCE))
 
 		return -EPERM;
 
 		return -EPERM;
 
-	if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > sysctl_nr_open)
 
-		return -EPERM;
 
+
 
+	if (resource == RLIMIT_NOFILE) {
 
+		if (new_rlim.rlim_max == RLIM_INFINITY)
 
+			new_rlim.rlim_max = sysctl_nr_open;
 
+		if (new_rlim.rlim_cur == RLIM_INFINITY)
 
+			new_rlim.rlim_cur = sysctl_nr_open;
 
+		if (new_rlim.rlim_max > sysctl_nr_open)
 
+			return -EPERM;
 
+	}
 
+
 
+	if (new_rlim.rlim_cur > new_rlim.rlim_max)
 
+		return -EINVAL;
 
 
 
 	retval = security_task_setrlimit(resource, &new_rlim);
 
 	retval = security_task_setrlimit(resource, &new_rlim);
 
 	if (retval)
 
 	if (retval)