From f9486bf7a94f57393c114456768ae6b9688e5676 Mon Sep 17 00:00:00 2001 From: He Sun Date: Wed, 13 May 2020 13:28:17 +0800 Subject: [PATCH] Add resource limit check for the number of the fds in poll --- src/libos/src/misc/rlimit.rs | 10 ++++++++++ src/libos/src/net/syscalls.rs | 12 ++++++++++++ 2 files changed, 22 insertions(+) diff --git a/src/libos/src/misc/rlimit.rs b/src/libos/src/misc/rlimit.rs index ab098e8e..9a3a992f 100644 --- a/src/libos/src/misc/rlimit.rs +++ b/src/libos/src/misc/rlimit.rs @@ -33,6 +33,16 @@ pub struct rlimit_t { max: u64, } +impl rlimit_t { + pub fn get_cur(&self) -> u64 { + self.cur + } + + pub fn get_max(&self) -> u64 { + self.max + } +} + impl Default for rlimit_t { fn default() -> rlimit_t { rlimit_t { diff --git a/src/libos/src/net/syscalls.rs b/src/libos/src/net/syscalls.rs index b5dc8e13..67ed5a09 100644 --- a/src/libos/src/net/syscalls.rs +++ b/src/libos/src/net/syscalls.rs @@ -2,6 +2,7 @@ use super::*; use super::io_multiplexing::{AsEpollFile, EpollCtlCmd, EpollEventFlags, EpollFile}; use fs::{CreationFlags, File, FileDesc, FileRef}; +use misc::resource_t; use process::Process; use std::convert::TryFrom; use util::mem_util::from_user; @@ -175,6 +176,17 @@ pub fn do_poll(fds: *mut libc::pollfd, nfds: libc::nfds_t, timeout: c_int) -> Re from_user::check_mut_array(fds, nfds as usize)?; } + let soft_rlimit_nofile = current!() + .rlimits() + .lock() + .unwrap() + .get(resource_t::RLIMIT_NOFILE) + .get_cur(); + // TODO: Check nfds against the size of the stack used in ocall to prevent stack overflow + if nfds > soft_rlimit_nofile { + return_errno!(EINVAL, "The nfds value exceeds the RLIMIT_NOFILE value."); + } + let polls = unsafe { std::slice::from_raw_parts_mut(fds, nfds as usize) }; let n = io_multiplexing::do_poll(polls, timeout)?;