The series adds support for setrlimit/getrlimit. Mainly to avoid spurious coredumps when running the tests under qemu-user.
Signed-off-by: Thomas Weißschuh linux@weissschuh.net --- Thomas Weißschuh (3): tools/nolibc: drop custom definition of struct rusage tools/nolibc: add support for getrlimit/setrlimit selftests/nolibc: disable coredump via setrlimit
tools/include/nolibc/sys.h | 38 ++++++++++++++++++++++++++++ tools/include/nolibc/types.h | 21 +-------------- tools/testing/selftests/nolibc/nolibc-test.c | 31 +++++++++++++++++++++++ 3 files changed, 70 insertions(+), 20 deletions(-) --- base-commit: 0dbd4651f3f80151910a36416fa0df28a10c3b0a change-id: 20231122-nolibc-rlimit-bb5b1f264fc4
Best regards,
A future commit will include linux/resource.h, which will conflict with the private definition of struct rusage in nolibc. Avoid the conflict by dropping the private definition and use the one from the UAPI headers.
Signed-off-by: Thomas Weißschuh linux@weissschuh.net --- tools/include/nolibc/types.h | 21 +-------------------- 1 file changed, 1 insertion(+), 20 deletions(-)
diff --git a/tools/include/nolibc/types.h b/tools/include/nolibc/types.h index ad0ddaa89e50..b26a5d0c417c 100644 --- a/tools/include/nolibc/types.h +++ b/tools/include/nolibc/types.h @@ -13,6 +13,7 @@ #include <linux/stat.h> #include <linux/time.h> #include <linux/wait.h> +#include <linux/resource.h>
/* Only the generic macros and types may be defined here. The arch-specific @@ -178,26 +179,6 @@ struct linux_dirent64 { char d_name[]; };
-/* needed by wait4() */ -struct rusage { - struct timeval ru_utime; - struct timeval ru_stime; - long ru_maxrss; - long ru_ixrss; - long ru_idrss; - long ru_isrss; - long ru_minflt; - long ru_majflt; - long ru_nswap; - long ru_inblock; - long ru_oublock; - long ru_msgsnd; - long ru_msgrcv; - long ru_nsignals; - long ru_nvcsw; - long ru_nivcsw; -}; - /* The format of the struct as returned by the libc to the application, which * significantly differs from the format returned by the stat() syscall flavours. */
The implementation uses the prlimit64 systemcall as that is available on all architectures.
Signed-off-by: Thomas Weißschuh linux@weissschuh.net --- tools/include/nolibc/sys.h | 38 ++++++++++++++++++++++++++++ tools/testing/selftests/nolibc/nolibc-test.c | 29 +++++++++++++++++++++ 2 files changed, 67 insertions(+)
diff --git a/tools/include/nolibc/sys.h b/tools/include/nolibc/sys.h index 2f359cb03d10..dda9dffd1d74 100644 --- a/tools/include/nolibc/sys.h +++ b/tools/include/nolibc/sys.h @@ -21,6 +21,7 @@ #include <linux/fcntl.h> /* for O_* and AT_* */ #include <linux/stat.h> /* for statx() */ #include <linux/prctl.h> +#include <linux/resource.h>
#include "arch.h" #include "errno.h" @@ -898,6 +899,43 @@ int reboot(int cmd) }
+/* + * int getrlimit(int resource, struct rlimit *rlim); + * int setrlimit(int resource, const struct rlimit *rlim); + */ + +static __attribute__((unused)) +int sys_prlimit64(pid_t pid, int resource, + const struct rlimit64 *new_limit, struct rlimit64 *old_limit) +{ + return my_syscall4(__NR_prlimit64, pid, resource, new_limit, old_limit); +} + +static __attribute__((unused)) +int getrlimit(int resource, struct rlimit *rlim) +{ + struct rlimit64 rlim64; + int ret; + + ret = __sysret(sys_prlimit64(0, resource, NULL, &rlim64)); + rlim->rlim_cur = rlim64.rlim_cur; + rlim->rlim_max = rlim64.rlim_max; + + return ret; +} + +static __attribute__((unused)) +int setrlimit(int resource, const struct rlimit *rlim) +{ + struct rlimit64 rlim64 = { + .rlim_cur = rlim->rlim_cur, + .rlim_max = rlim->rlim_max, + }; + + return __sysret(sys_prlimit64(0, resource, &rlim64, NULL)); +} + + /* * int sched_yield(void); */ diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c index 2b71fb5fae4e..d07cebace107 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -22,6 +22,7 @@ #include <sys/mount.h> #include <sys/prctl.h> #include <sys/reboot.h> +#include <sys/resource.h> #include <sys/stat.h> #include <sys/syscall.h> #include <sys/sysmacros.h> @@ -839,6 +840,33 @@ int test_pipe(void) return !!memcmp(buf, msg, len); }
+int test_rlimit(void) +{ + struct rlimit rlim = { + .rlim_cur = 1 << 20, + .rlim_max = 1 << 20, + }; + int ret; + + ret = setrlimit(RLIMIT_CORE, &rlim); + if (ret) + return -1; + + rlim.rlim_cur = 0; + rlim.rlim_max = 0; + + ret = getrlimit(RLIMIT_CORE, &rlim); + if (ret) + return -1; + + if (rlim.rlim_cur != 1 << 20) + return -1; + if (rlim.rlim_max != 1 << 20) + return -1; + + return 0; +} +
/* Run syscall tests between IDs <min> and <max>. * Return 0 on success, non-zero on failure. @@ -929,6 +957,7 @@ int run_syscall(int min, int max) CASE_TEST(poll_fault); EXPECT_SYSER(1, poll(NULL, 1, 0), -1, EFAULT); break; CASE_TEST(prctl); EXPECT_SYSER(1, prctl(PR_SET_NAME, (unsigned long)NULL, 0, 0, 0), -1, EFAULT); break; CASE_TEST(read_badf); EXPECT_SYSER(1, read(-1, &tmp, 1), -1, EBADF); break; + CASE_TEST(rlimit); EXPECT_SYSZR(1, test_rlimit()); break; CASE_TEST(rmdir_blah); EXPECT_SYSER(1, rmdir("/blah"), -1, ENOENT); break; CASE_TEST(sched_yield); EXPECT_SYSZR(1, sched_yield()); break; CASE_TEST(select_null); EXPECT_SYSZR(1, ({ struct timeval tv = { 0 }; select(0, NULL, NULL, NULL, &tv); })); break;
Hi Thomas,
+int test_rlimit(void) +{
- struct rlimit rlim = {
.rlim_cur = 1 << 20,.rlim_max = 1 << 20,- };
- int ret;
- ret = setrlimit(RLIMIT_CORE, &rlim);
- if (ret)
return -1;- rlim.rlim_cur = 0;
- rlim.rlim_max = 0;
- ret = getrlimit(RLIMIT_CORE, &rlim);
- if (ret)
return -1;- if (rlim.rlim_cur != 1 << 20)
return -1;- if (rlim.rlim_max != 1 << 20)
return -1;
I think you should used two different values here for cur and max so that you can also detect stupid API bugs such as a union being used instead of a struct, or copy-pastes in the implementation etc. For example using 1<<20 and 1<<21 should do the trick.
Otherwise Ack-by me for the whole series, of course.
Thanks, Willy
On 2023-11-26 10:28:28+0100, Willy Tarreau wrote:
Hi Thomas,
+int test_rlimit(void) +{
- struct rlimit rlim = {
.rlim_cur = 1 << 20,.rlim_max = 1 << 20,- };
- int ret;
- ret = setrlimit(RLIMIT_CORE, &rlim);
- if (ret)
return -1;- rlim.rlim_cur = 0;
- rlim.rlim_max = 0;
- ret = getrlimit(RLIMIT_CORE, &rlim);
- if (ret)
return -1;- if (rlim.rlim_cur != 1 << 20)
return -1;- if (rlim.rlim_max != 1 << 20)
return -1;I think you should used two different values here for cur and max so that you can also detect stupid API bugs such as a union being used instead of a struct, or copy-pastes in the implementation etc. For example using 1<<20 and 1<<21 should do the trick.
Good point, I incorporated the suggestion.
Otherwise Ack-by me for the whole series, of course.
Thanks!
FYI I retested and pushed the series.
Thomas
qemu-user does has its own implementation of coredumping. That implementation does not respect the call to prctl(PR_SET_DUMPABLE, 0) in run_protection(). This leads to a coredump for every test run under qemu-user.
Use also setrlimit() to inhibit coredump creation which is respected by qemu-user.
Link: https://lore.kernel.org/qemu-devel/20231115-qemu-user-dumpable-v1-2-edbe7f0f... Signed-off-by: Thomas Weißschuh linux@weissschuh.net --- tools/testing/selftests/nolibc/nolibc-test.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c index d07cebace107..ccb8d017a3e7 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -1167,6 +1167,7 @@ static int run_protection(int min __attribute__((unused)), { pid_t pid; int llen = 0, status; + struct rlimit rlimit = { 0, 0 };
llen += printf("0 -fstackprotector ");
@@ -1198,6 +1199,7 @@ static int run_protection(int min __attribute__((unused)), close(STDERR_FILENO);
prctl(PR_SET_DUMPABLE, 0, 0, 0, 0); + setrlimit(RLIMIT_CORE, &rlimit); smash_stack(); return 1;
linux-kselftest-mirror@lists.linaro.org
-
Thomas Weißschuh -
Willy Tarreau