diff --git a/bin/sh/miscbltin.c b/bin/sh/miscbltin.c --- a/bin/sh/miscbltin.c +++ b/bin/sh/miscbltin.c @@ -483,6 +483,9 @@ #endif #ifdef RLIMIT_UMTXP { "umtx shared locks", (char *)0, RLIMIT_UMTXP, 1, 'o' }, +#endif +#ifdef RLIMIT_PIPE + { "pipes", (char *)0, RLIMIT_PIPE, 1, 'y' }, #endif { (char *) 0, (char *)0, 0, 0, '\0' } }; diff --git a/lib/libsys/getrlimit.2 b/lib/libsys/getrlimit.2 --- a/lib/libsys/getrlimit.2 +++ b/lib/libsys/getrlimit.2 @@ -84,6 +84,16 @@ The maximum number of simultaneous processes for this user id. .It Dv RLIMIT_NPTS The maximum number of pseudo-terminals this user id is allowed to create. +.It Dv RLIMIT_PIPE +The maximum number of two-directional pipes/fifos this user id is +allowed to create. +The kernel fifos +.Pq Xr mkfifo 2 +created on the first open of the filesystem object, are also accounted +by the limit for the id of the process opening it, not the fifo's +filesystem owner. +Despite somewhat unexpected, this is in fact fair, since user of the fifo +is not necessary its creator. .It Dv RLIMIT_RSS When there is memory pressure and swap is available, prioritize eviction of a process' resident pages beyond this amount (in bytes). @@ -112,6 +122,9 @@ Please see .Xr tuning 7 for a complete description of this sysctl. +.It Dv RLIMIT_UMTXP +The limit of the number of process-shared posix thread library objects +allocated by user id. .It Dv RLIMIT_VMEM An alias for .Dv RLIMIT_AS . diff --git a/lib/libutil/login_class.3 b/lib/libutil/login_class.3 --- a/lib/libutil/login_class.3 +++ b/lib/libutil/login_class.3 @@ -118,6 +118,7 @@ swapuse RLIMIT_SWAP kqueues RLIMIT_KQUEUES umtxp RLIMIT_UMTXP +pipe RLIMIT_PIPE .Ed .It LOGIN_SETPRIORITY Set the scheduling priority for the current process based on the diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c --- a/lib/libutil/login_class.c +++ b/lib/libutil/login_class.c @@ -65,6 +65,7 @@ { "swapuse", login_getcapsize, RLIMIT_SWAP }, { "kqueues", login_getcapsize, RLIMIT_KQUEUES }, { "umtxp", login_getcapnum, RLIMIT_UMTXP }, + { "pipe", login_getcapnum, RLIMIT_PIPE }, { NULL, 0, 0 } }; diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -1607,3 +1607,10 @@ return (chglimit(uip, &uip->ui_umtxcnt, diff, max, "umtxcnt")); } + +int +chgpipecnt(struct uidinfo *uip, int diff, rlim_t max) +{ + + return (chglimit(uip, &uip->ui_pipecnt, diff, max, "pipecnt")); +} diff --git a/sys/kern/sys_pipe.c b/sys/kern/sys_pipe.c --- a/sys/kern/sys_pipe.c +++ b/sys/kern/sys_pipe.c @@ -361,8 +361,13 @@ { struct pipepair *pp; struct pipe *rpipe, *wpipe; + struct ucred *cr; int error; + cr = td->td_ucred; + if (!chgpipecnt(cr->cr_ruidinfo, 1, lim_cur(td, RLIMIT_PIPE))) + return (ENOMEM); + *p_pp = pp = uma_zalloc(pipe_zone, M_WAITOK); #ifdef MAC /* @@ -375,6 +380,7 @@ #endif rpipe = &pp->pp_rpipe; wpipe = &pp->pp_wpipe; + pp->pp_owner = crhold(cr); knlist_init_mtx(&rpipe->pipe_sel.si_note, PIPE_MTX(rpipe)); knlist_init_mtx(&wpipe->pipe_sel.si_note, PIPE_MTX(wpipe)); @@ -408,6 +414,8 @@ fail: knlist_destroy(&rpipe->pipe_sel.si_note); knlist_destroy(&wpipe->pipe_sel.si_note); + chgpipecnt(pp->pp_owner->cr_uidinfo, -1, 0); + crfree(pp->pp_owner); #ifdef MAC mac_pipe_destroy(pp); #endif @@ -434,7 +442,8 @@ { struct pipe *peer; - peer = (dpipe->pipe_type & PIPE_TYPE_NAMED) != 0 ? dpipe->pipe_peer : NULL; + peer = (dpipe->pipe_type & PIPE_TYPE_NAMED) != 0 ? + dpipe->pipe_peer : NULL; funsetown(&dpipe->pipe_sigio); pipeclose(dpipe); if (peer != NULL) { @@ -1731,6 +1740,8 @@ */ if (ppipe->pipe_present == PIPE_FINALIZED) { PIPE_UNLOCK(cpipe); + chgpipecnt(cpipe->pipe_pair->pp_owner->cr_uidinfo, -1, 0); + crfree(cpipe->pipe_pair->pp_owner); #ifdef MAC mac_pipe_destroy(pp); #endif diff --git a/sys/sys/pipe.h b/sys/sys/pipe.h --- a/sys/sys/pipe.h +++ b/sys/sys/pipe.h @@ -136,6 +136,7 @@ struct pipe pp_wpipe; struct mtx pp_mtx; struct label *pp_label; + struct ucred *pp_owner; /* to dec pipe usage count */ }; #define PIPE_MTX(pipe) (&(pipe)->pipe_pair->pp_mtx) diff --git a/sys/sys/resource.h b/sys/sys/resource.h --- a/sys/sys/resource.h +++ b/sys/sys/resource.h @@ -114,8 +114,9 @@ #define RLIMIT_SWAP 12 /* swap used */ #define RLIMIT_KQUEUES 13 /* kqueues allocated */ #define RLIMIT_UMTXP 14 /* process-shared umtx */ +#define RLIMIT_PIPE 15 /* pipes/fifos */ -#define RLIM_NLIMITS 15 /* number of resource limits */ +#define RLIM_NLIMITS 16 /* number of resource limits */ #define RLIM_INFINITY ((rlim_t)(((__uint64_t)1 << 63) - 1)) #define RLIM_SAVED_MAX RLIM_INFINITY diff --git a/sys/sys/resourcevar.h b/sys/sys/resourcevar.h --- a/sys/sys/resourcevar.h +++ b/sys/sys/resourcevar.h @@ -121,6 +121,7 @@ long ui_ptscnt; /* (b) number of pseudo-terminals */ long ui_kqcnt; /* (b) number of kqueues */ long ui_umtxcnt; /* (b) number of shared umtxs */ + long ui_pipecnt; /* (b) number of pipes */ uid_t ui_uid; /* (a) uid */ u_int ui_ref; /* (b) reference count */ #ifdef RACCT @@ -142,6 +143,7 @@ rlim_t maxval); int chgptscnt(struct uidinfo *uip, int diff, rlim_t maxval); int chgumtxcnt(struct uidinfo *uip, int diff, rlim_t maxval); +int chgpipecnt(struct uidinfo *uip, int diff, rlim_t max); int kern_proc_setrlimit(struct thread *td, struct proc *p, u_int which, struct rlimit *limp); struct plimit diff --git a/usr.bin/limits/limits.c b/usr.bin/limits/limits.c --- a/usr.bin/limits/limits.c +++ b/usr.bin/limits/limits.c @@ -91,6 +91,7 @@ { " swapuse%-4s %8s", " kB\n", 1024 }, { " kqueues%-4s %8s", "\n", 1 }, { " umtxp%-4s %8s", "\n", 1 }, + { " pipe%-4s %8s", "\n", 1 }, } }, { "sh", "unlimited", "", " -H", " -S", "", @@ -110,6 +111,7 @@ { "ulimit%s -w %s", ";\n", 1024 }, { "ulimit%s -k %s", ";\n", 1 }, { "ulimit%s -o %s", ";\n", 1 }, + { "ulimit%s -y %s", ";\n", 1 }, } }, { "csh", "unlimited", "", " -h", "", NULL, @@ -242,6 +244,7 @@ { "swapuse", login_getcapsize }, { "kqueues", login_getcapnum }, { "umtxp", login_getcapnum }, + { "pipe", login_getcapnum }, }; /* @@ -660,6 +663,7 @@ case RLIMIT_NPTS: case RLIMIT_KQUEUES: case RLIMIT_UMTXP: + case RLIMIT_PIPE: res = strtoq(s, &e, 0); s = e; break;