Re: [libvirt PATCH 12/17] util: Try to get limits from /proc
On Mon, 2021-03-08 at 10:50 +0000, Daniel P. Berrangé wrote:
On Fri, Mar 05, 2021 at 08:13:59PM +0100, Andrea Bolognani wrote:
> + if (!(label = virProcessLimitResourceToLabel(resource))) {
> + virReportError(VIR_ERR_INTERNAL_ERROR,
> + _("Unknown resource %d requested for process
%lld"),
> + resource, (long long)pid);
> + return -1;
Setting errors on -1
This is only hit if virProcessGetLimitFromProc() has been asked to
obtain limits for a resource it doesn't know how to fetch, which
indicates a bug in libvirt and is thus reported as internal error.
> + procfile = g_strdup_printf("/proc/%lld/limits",
(long long)pid);
> +
> + if (!g_file_get_contents(procfile, &buf, &len, NULL))
> + return -1;
Not setting errors on -1
This is simply "file couldn't be read", which would be the case on
FreeBSD for example.
> + /* For whatever reason, using prlimit() on another process
- even
> + * when it's just to obtain the current limit rather than changing
> + * it - requires CAP_SYS_RESOURCE, which we might not have in a
> + * containerized environment; on the other hand, no particular
> + * permission is needed to poke around /proc, so try that if going
> + * through the syscall didn't work */
> + if (virProcessGetLimitFromProc(pid, resource, old_limit) == 0)
> + return 0;
This ought to be conditional for Linux only and error reporting needs
to be made consistent.
The intent above was to have this fail quietly on non-Linux without
adding checks for it, but sure I can have an actual stub on other
platforms instead.
--
Andrea Bolognani / Red Hat / Virtualization