static void maximize_rlimit (int resource, const char *prefix) { struct rlimit rl; print_string (" "); print_string (prefix); print_string (": "); print_rlimit (resource); getrlimit (resource, &rl); rl.rlim_cur = rl.rlim_max; setrlimit (resource, &rl); print_string (" -> "); print_rlimit (resource); print_string ("\n"); }
// UNSAFE static void signal_handler (int sig) { if (runBlockingCall_G) flag_G = 1; printf ("\n\nsignal %d (%s) caught\n", sig, strsignal (sig)); print_rlimit (limit_G); if (resetLimits_G == 1) if (rlimSet_G == 1) { fprintf (stderr, "resetting %s\n", limStr_pG); setrlimit (limit_G, &rlim_G); print_rlimit (limit_G); } }
static void maximize_rlimit (int resource, const char *prefix) { struct rlimit rl; print_string (" "); print_string (prefix); print_string (": "); print_rlimit (resource); getrlimit (resource, &rl); rl.rlim_cur = rl.rlim_max; if (sizeof (rl.rlim_cur) >= sizeof (RLIMIT_CAP)) rl.rlim_cur = (rlim_t) RLIMIT_CAP; setrlimit (resource, &rl); print_string (" -> "); print_rlimit (resource); print_string ("\n"); }
int main(int argc, char *argv[]) { struct rlimit rl; int j; pid_t child_pid; if (argc < 2 || argc > 3 || strcmp(argv[1], "--help") == 0) { fprintf(stderr, "usage: %s soft-limit [hard-limit]\n", argv[0]); exit(EXIT_FAILURE); } print_rlimit("Initial maximum process limits: ", RLIMIT_NPROC); /* Set new process limits (hard == soft if not specified) */ rl.rlim_cur = (argv[1][0] == 'i') ? RLIM_INFINITY : strtoul(argv[1], NULL, 0); rl.rlim_max = (argc == 2) ? rl.rlim_cur : (argv[2][0] == 'i') ? RLIM_INFINITY : strtoul(argv[1], NULL, 0); if (setrlimit(RLIMIT_NPROC, &rl) == -1) { perror("setrlimit"); exit(EXIT_FAILURE); } print_rlimit("New maximum process limits: ", RLIMIT_NPROC); /* Create as many childre as possible */ for (j = 1; /* infinite */; ++j) { switch (child_pid = fork()) { case -1: perror("fork"); exit(EXIT_FAILURE); case 0: _exit(EXIT_SUCCESS); default: /* Parent: display message about each new child and * let the resulting zombies accumulate */ printf("Child %d (PID=%ld) started\n", j, (long) child_pid); break; } } }
static const char *print_a0(const char *val, const rnode *r) { int machine = r->machine, syscall = r->syscall; const char *sys = audit_syscall_to_name(syscall, machine); if (sys) { if (strcmp(sys, "rt_sigaction") == 0) return print_signals(val, 16); else if (strcmp(sys, "setuid") == 0) return print_uid(val, 16); else if (strcmp(sys, "setreuid") == 0) return print_uid(val, 16); else if (strcmp(sys, "setresuid") == 0) return print_uid(val, 16); else if (strcmp(sys, "setfsuid") == 0) return print_uid(val, 16); else if (strcmp(sys, "setgid") == 0) return print_gid(val, 16); else if (strcmp(sys, "setregid") == 0) return print_gid(val, 16); else if (strcmp(sys, "setresgid") == 0) return print_gid(val, 16); else if (strcmp(sys, "setfsgid") == 0) return print_gid(val, 16); else if (strcmp(sys, "clock_settime") == 0) return print_clock_id(val); else if (strcmp(sys, "personality") == 0) return print_personality(val); else if (strcmp(sys, "ptrace") == 0) return print_ptrace(val); else if (strstr(sys, "etrlimit")) return print_rlimit(val); else if (strcmp(sys, "socket") == 0) return print_socket_domain(val); } return strdup(val); }
// functions int main (int argc, char *argv[]) { int ret; struct sigaction sa; struct sched_param prio; volatile unsigned i, j; process_cmdline_args (argc, argv); // setup signal handler if (runBlockingCall_G) flag_G = 0; sigemptyset (&sa.sa_mask); sa.sa_flags = 0; sa.sa_handler = signal_handler; ret = sigaction (SIGXCPU, &sa, NULL); if (ret == -1) { printf ("can't sigaction signal %2d (%s)\n", SIGXCPU, strsignal (SIGXCPU)); perror ("sigaction()"); return 1; } // set rlimits printf ("before "); print_rlimit (limit_G); if (limit_G == RLIMIT_CPU) { rlim_G.rlim_cur = 2; rlim_G.rlim_max = 8; } else { rlim_G.rlim_cur = 2 * 1000000; rlim_G.rlim_max = 8 * 1000000; } ret = setrlimit (limit_G, &rlim_G); if (ret == -1) { perror ("setrlimit()"); return 1; } rlimSet_G = 1; printf ("after "); print_rlimit (limit_G); // set -rt priority prio.sched_priority = 1; ret = sched_setscheduler (0, SCHED_FIFO, &prio); if (ret == -1) { perror ("sched_setscheduler()"); return 1; } // busy loop for (i=0; i<1000000; ++i) for (j=0; j<1000000; ++j) if (runBlockingCall_G == 1) { if (flag_G) { flag_G = 0; usleep (1); } } else { ; } return 0; }