virtiofsd: set maximum RLIMIT_NOFILE limit

virtiofsd can exceed the default open file descriptor limit easily on most systems. Take advantage of the fact that it runs as root to raise the limit. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
2019-03-22 15:54:13 +00:00 · 2019-03-22 15:54:13 +00:00 · 01a6dc95ec
parent ee88465224
commit 01a6dc95ec
1 changed files with 32 additions and 0 deletions
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@ -53,6 +53,7 @@
 #include <sys/file.h>
 #include <sys/mount.h>
 #include <sys/prctl.h>
+#include <sys/resource.h>
 #include <sys/syscall.h>
 #include <sys/types.h>
 #include <sys/wait.h>
@ -2268,6 +2269,35 @@ static void setup_sandbox(struct lo_data *lo, struct fuse_session *se)
    setup_seccomp();
 }

+/* Raise the maximum number of open file descriptors */
+static void setup_nofile_rlimit(void)
+{
+    const rlim_t max_fds = 1000000;
+    struct rlimit rlim;
+
+    if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) {
+        fuse_log(FUSE_LOG_ERR, "getrlimit(RLIMIT_NOFILE): %m\n");
+        exit(1);
+    }
+
+    if (rlim.rlim_cur >= max_fds) {
+        return; /* nothing to do */
+    }
+
+    rlim.rlim_cur = max_fds;
+    rlim.rlim_max = max_fds;
+
+    if (setrlimit(RLIMIT_NOFILE, &rlim) < 0) {
+        /* Ignore SELinux denials */
+        if (errno == EPERM) {
+            return;
+        }
+
+        fuse_log(FUSE_LOG_ERR, "setrlimit(RLIMIT_NOFILE): %m\n");
+        exit(1);
+    }
+}
+
 int main(int argc, char *argv[])
 {
    struct fuse_args args = FUSE_ARGS_INIT(argc, argv);
@ -2389,6 +2419,8 @@ int main(int argc, char *argv[])

    fuse_daemonize(opts.foreground);

+    setup_nofile_rlimit();
+
    /* Must be before sandbox since it wants /proc */
    setup_capng();