Add resource limit check for the number of the fds in poll

src/libos/src/misc/rlimit.rs

@@ -33,6 +33,16 @@ pub struct rlimit_t {
     max: u64,
 }
 
+impl rlimit_t {
+    pub fn get_cur(&self) -> u64 {
+        self.cur
+    }
+
+    pub fn get_max(&self) -> u64 {
+        self.max
+    }
+}
+
 impl Default for rlimit_t {
     fn default() -> rlimit_t {
         rlimit_t {

src/libos/src/net/syscalls.rs

@@ -2,6 +2,7 @@ use super::*;
 
 use super::io_multiplexing::{AsEpollFile, EpollCtlCmd, EpollEventFlags, EpollFile};
 use fs::{CreationFlags, File, FileDesc, FileRef};
+use misc::resource_t;
 use process::Process;
 use std::convert::TryFrom;
 use util::mem_util::from_user;
@@ -175,6 +176,17 @@ pub fn do_poll(fds: *mut libc::pollfd, nfds: libc::nfds_t, timeout: c_int) -> Re
         from_user::check_mut_array(fds, nfds as usize)?;
     }
 
+    let soft_rlimit_nofile = current!()
+        .rlimits()
+        .lock()
+        .unwrap()
+        .get(resource_t::RLIMIT_NOFILE)
+        .get_cur();
+    // TODO: Check nfds against the size of the stack used in ocall to prevent stack overflow
+    if nfds > soft_rlimit_nofile {
+        return_errno!(EINVAL, "The nfds value exceeds the RLIMIT_NOFILE value.");
+    }
+
     let polls = unsafe { std::slice::from_raw_parts_mut(fds, nfds as usize) };
 
     let n = io_multiplexing::do_poll(polls, timeout)?;