Re: [libvirt PATCH 12/17] util: Try to get limits from /proc

On 3/5/21 8:13 PM, Andrea Bolognani wrote:
Calling prlimit() requires elevated privileges, specifically
CAP_SYS_RESOURCE, and getrlimit() only works for the current
process which is too limiting for our needs; /proc/$pid/limits,
on the other hand, can be read by any process, so implement
parsing that file as a fallback for when prlimit() fails.

This is useful in containerized environments.

Signed-off-by: Andrea Bolognani <abologna@xxxxxxxxxx>
---
  src/util/virprocess.c | 98 +++++++++++++++++++++++++++++++++++++++++++
  1 file changed, 98 insertions(+)


Sorry in advance for hijacking this thread.

+static int
+virProcessGetLimitFromProc(pid_t pid,
+                           int resource,
+                           struct rlimit *limit)
+{
+    g_autofree char *procfile = NULL;
+    g_autofree char *buf = NULL;
+    g_auto(GStrv) lines = NULL;
+    const char *label;
+    size_t len;
+    size_t i;
+
+    if (!(label = virProcessLimitResourceToLabel(resource))) {
+        virReportError(VIR_ERR_INTERNAL_ERROR,
+                       _("Unknown resource %d requested for process %lld"),
+                       resource, (long long)pid);
+        return -1;
+    }
+
+    procfile = g_strdup_printf("/proc/%lld/limits", (long long)pid);
+
+    if (!g_file_get_contents(procfile, &buf, &len, NULL))
+        return -1;
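
Review bot: The g_file_get_contents(procfile, &buf, &len, NULL) call at the end of this hunk reads the file with no size cap and passes NULL for the GError, and the "return -1" that follows exits without a virReportError(), unlike the unknown-resource branch above it. Consider a length-capped read, such as the virFileRead*() helpers, and either report the failure here or document that callers treat -1 from this path as a silent fallback.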

I did not spot this yesterday, but now I'm working on something else and have to read the contents of a file under /proc. I did not recall the exact name but remembered where I saw it lately - here :-)

And now that I am thinking about it - and reading the docs - is this function safe? I mean, it reads a file without any limit - which may be fine for /proc files, but I worry that if allowed in one func it may sneak into others and read user-provided files, or while its use in a function X might be warranted for now, in the future after some refactor the function X might be used to read user-provided files.

Therefore, I think it should go onto the list of not-on-my-watch functions and we ought to stick with our finely crafted virFileRead*().

BTW: I think the same about g_get_host_name(), which does not reflect hostname changes. Unfortunately, we have three places which slipped through while I wasn't watching. I'll look into how to revert them.

Michal
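
The concern in the reply above is a read with no upper bound. The following is an added example of a capped read, not code from libvirt or from either poster; read_bounded(), read_constructed(), SAMPLE and the cap values are assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: read fd to EOF into a NUL-terminated buffer of at most
 * maxlen bytes. Returns 0 (sets *out), -1 on I/O error, -2 if over the cap. */
static int read_bounded(int fd, size_t maxlen, char **out)
{
    char *buf = malloc(maxlen + 1);
    size_t used = 0;
    ssize_t n;

    if (!buf)
        return -1;
    /* Ask for one byte past the cap: oversized input is rejected, not truncated. */
    while ((n = read(fd, buf + used, maxlen + 1 - used)) != 0) {
        if (n < 0 && errno == EINTR)
            continue;
        if (n < 0 || (used += (size_t)n) > maxlen) {
            free(buf);
            return n < 0 ? -1 : -2;
        }
    }
    buf[used] = '\0';
    *out = buf;
    return 0;
}

/* Constructed sample in the /proc/<pid>/limits layout, fed through a pipe so
 * the demo needs no /proc. Returns bytes accepted or read_bounded()'s error. */
static const char SAMPLE[] =
    "Max open files            1024                 4096                 files\n";
static int read_constructed(const char *data, size_t maxlen)
{
    char *buf = NULL;
    int fds[2], rc;
    if (pipe(fds) < 0)
        return -1;
    rc = write(fds[1], data, strlen(data)) < 0 ? -1 : 0;
    close(fds[1]);
    if (rc == 0 && (rc = read_bounded(fds[0], maxlen, &buf)) == 0)
        rc = (int)strlen(buf);
    close(fds[0]);
    free(buf);
    return rc;
}

int main(void) { return read_constructed(SAMPLE, 16) == -2 ? 0 : 1; }
```

The same reader works on a descriptor opened on /proc/<pid>/limits; the caller picks a cap comfortably above the expected size of that file.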
