diff --git a/CHANGES b/CHANGES index 4b76081077..0517c46551 100644 --- a/CHANGES +++ b/CHANGES @@ -1,3 +1,7 @@ +6041. [func] Set the RLIMIT_NOFILE to rlim_max returned from + getrlimit() instead of trying to guess the maximum + allowed value. [GL #3676] + 6040. [bug] Speed up the named shutdown time by explicitly canceling all recursing ns_client objects for each ns_clientmgr. [GL #3183] diff --git a/bin/named/config.c b/bin/named/config.c index 17b01ec9e1..1824f7da95 100644 --- a/bin/named/config.c +++ b/bin/named/config.c @@ -50,16 +50,12 @@ options {\n\ answer-cookie true;\n\ automatic-interface-scan yes;\n\ bindkeys-file \"" NAMED_SYSCONFDIR "/bind.keys\";\n\ -# blackhole {none;};\n" - " cookie-algorithm siphash24;\n" - " coresize default;\n\ - datasize default;\n" - "\ +# blackhole {none;};\n\ + cookie-algorithm siphash24;\n\ # directory \n\ dnssec-policy \"none\";\n\ dump-file \"named_dump.db\";\n\ - edns-udp-size 1232;\n\ - files unlimited;\n" + edns-udp-size 1232;\n" #if defined(HAVE_GEOIP2) "\ geoip-directory \"" MAXMINDDB_PREFIX "/share/GeoIP\";\n" @@ -115,7 +111,6 @@ options {\n\ session-keyalg hmac-sha256;\n\ # session-keyfile \"" NAMED_LOCALSTATEDIR "/run/named/session.key\";\n\ session-keyname local-ddns;\n\ - stacksize default;\n\ startup-notify-rate 20;\n\ statistics-file \"named.stats\";\n\ tcp-advertised-timeout 300;\n\ diff --git a/bin/named/include/named/globals.h b/bin/named/include/named/globals.h index ebacca1524..6d46f12589 100644 --- a/bin/named/include/named/globals.h +++ b/bin/named/include/named/globals.h @@ -106,14 +106,6 @@ EXTERN dns_name_t named_g_sessionkeyname; EXTERN bool named_g_conffileset INIT(false); EXTERN cfg_aclconfctx_t *named_g_aclconfctx INIT(NULL); -/* - * Initial resource limits. - */ -EXTERN isc_resourcevalue_t named_g_initstacksize INIT(0); -EXTERN isc_resourcevalue_t named_g_initdatasize INIT(0); -EXTERN isc_resourcevalue_t named_g_initcoresize INIT(0); -EXTERN isc_resourcevalue_t named_g_initopenfiles INIT(0); - /* * Misc. */ diff --git a/bin/named/main.c b/bin/named/main.c index 9d0207a3b8..a75bbdb6e5 100644 --- a/bin/named/main.c +++ b/bin/named/main.c @@ -35,7 +35,6 @@ #include #include #include -#include #include #include #include @@ -1043,7 +1042,6 @@ create_managers(void) { static void setup(void) { isc_result_t result; - isc_resourcevalue_t old_openfiles; ns_server_t *sctx; #ifdef HAVE_LIBSCF char *instance = NULL; @@ -1216,39 +1214,11 @@ setup(void) { NAMED_LOGMODULE_MAIN, ISC_LOG_NOTICE, "----------------------------------------------------"); - /* - * Get the initial resource limits. - */ - RUNTIME_CHECK(isc_resource_getlimit(isc_resource_stacksize, - &named_g_initstacksize) == - ISC_R_SUCCESS); - RUNTIME_CHECK(isc_resource_getlimit(isc_resource_datasize, - &named_g_initdatasize) == - ISC_R_SUCCESS); - RUNTIME_CHECK(isc_resource_getlimit(isc_resource_coresize, - &named_g_initcoresize) == - ISC_R_SUCCESS); - RUNTIME_CHECK(isc_resource_getlimit(isc_resource_openfiles, - &named_g_initopenfiles) == - ISC_R_SUCCESS); - /* * System resources cannot effectively be tuned on some systems. * Raise the limit in such cases for safety. */ - old_openfiles = named_g_initopenfiles; named_os_adjustnofile(); - RUNTIME_CHECK(isc_resource_getlimit(isc_resource_openfiles, - &named_g_initopenfiles) == - ISC_R_SUCCESS); - if (old_openfiles != named_g_initopenfiles) { - isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, - NAMED_LOGMODULE_MAIN, ISC_LOG_NOTICE, - "adjusted limit on open files from " - "%" PRIu64 " to " - "%" PRIu64, - old_openfiles, named_g_initopenfiles); - } /* * If the named configuration filename is relative, prepend the current diff --git a/bin/named/os.c b/bin/named/os.c index 3506a5e605..699ca2f256 100644 --- a/bin/named/os.c +++ b/bin/named/os.c @@ -14,6 +14,7 @@ /*! \file */ #include #include +#include #include #include /* dev_t FreeBSD 2.1 */ #ifdef HAVE_UNAME @@ -37,13 +38,13 @@ #include #include #include -#include #include #include #include #include #include +#include #include #include #ifdef HAVE_LIBSCF @@ -615,23 +616,47 @@ ns_os_uid(void) { void named_os_adjustnofile(void) { -#if defined(__linux__) || defined(__sun) - isc_result_t result; - isc_resourcevalue_t newvalue; + int r; + struct rlimit rl; + rlim_t rlim_old; + char strbuf[ISC_STRERRORSIZE]; - /* - * Linux: max number of open files specified by one thread doesn't seem - * to apply to other threads on Linux. - * Sun: restriction needs to be removed sooner when hundreds of CPUs - * are available. - */ - newvalue = ISC_RESOURCE_UNLIMITED; - - result = isc_resource_setlimit(isc_resource_openfiles, newvalue); - if (result != ISC_R_SUCCESS) { - named_main_earlywarning("couldn't adjust limit on open files"); + r = getrlimit(RLIMIT_NOFILE, &rl); + if (r != 0) { + goto fail; } -#endif /* if defined(__linux__) || defined(__sun) */ + + rlim_old = rl.rlim_cur; + + if (rl.rlim_cur == rl.rlim_max) { + isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, + NAMED_LOGMODULE_MAIN, ISC_LOG_NOTICE, + "the limit on open files is already at the " + "maximum allowed value: " + "%" PRIu64, + (uint64_t)rl.rlim_max); + return; + } + + rl.rlim_cur = rl.rlim_max; + r = setrlimit(RLIMIT_NOFILE, &rl); + if (r != 0) { + goto fail; + } + + isc_log_write(named_g_lctx, NAMED_LOGCATEGORY_GENERAL, + NAMED_LOGMODULE_MAIN, ISC_LOG_NOTICE, + "adjusted limit on open files from " + "%" PRIu64 " to " + "%" PRIu64, + (uint64_t)rlim_old, (uint64_t)rl.rlim_cur); + return; + +fail: + strerror_r(errno, strbuf, sizeof(strbuf)); + named_main_earlywarning("adjusting limit on open files failed: %s", + strbuf); + return; } void diff --git a/bin/named/server.c b/bin/named/server.c index 0962230718..09eb53e2ed 100644 --- a/bin/named/server.c +++ b/bin/named/server.c @@ -52,7 +52,6 @@ #include #include #include -#include #include #include #include @@ -4355,8 +4354,7 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, max_cache_size = SIZE_AS_PERCENT; max_cache_size_percent = cfg_obj_aspercentage(obj); } else { - isc_resourcevalue_t value; - value = cfg_obj_asuint64(obj); + uint64_t value = cfg_obj_asuint64(obj); if (value > SIZE_MAX) { cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING, "'max-cache-size " @@ -7438,51 +7436,6 @@ setoptstring(named_server_t *server, char **field, const cfg_obj_t *obj) { } } -static void -set_limit(const cfg_obj_t **maps, const char *configname, - const char *description, isc_resource_t resourceid, - isc_resourcevalue_t defaultvalue) { - const cfg_obj_t *obj = NULL; - const char *resource; - isc_resourcevalue_t value; - isc_result_t result; - - if (named_config_get(maps, configname, &obj) != ISC_R_SUCCESS) { - return; - } - - if (cfg_obj_isstring(obj)) { - resource = cfg_obj_asstring(obj); - if (strcasecmp(resource, "unlimited") == 0) { - value = ISC_RESOURCE_UNLIMITED; - } else { - INSIST(strcasecmp(resource, "default") == 0); - value = defaultvalue; - } - } else { - value = cfg_obj_asuint64(obj); - } - - result = isc_resource_setlimit(resourceid, value); - isc_log_write( - named_g_lctx, NAMED_LOGCATEGORY_GENERAL, NAMED_LOGMODULE_SERVER, - result == ISC_R_SUCCESS ? ISC_LOG_DEBUG(3) : ISC_LOG_WARNING, - "set maximum %s to %" PRIu64 ": %s", description, value, - isc_result_totext(result)); -} - -#define SETLIMIT(cfgvar, resource, description) \ - set_limit(maps, cfgvar, description, isc_resource_##resource, \ - named_g_init##resource) - -static void -set_limits(const cfg_obj_t **maps) { - SETLIMIT("stacksize", stacksize, "stack size"); - SETLIMIT("datasize", datasize, "data size"); - SETLIMIT("coresize", coresize, "core size"); - SETLIMIT("files", openfiles, "open files"); -} - static void portset_fromconf(isc_portset_t *portset, const cfg_obj_t *ports, bool positive) { @@ -8575,11 +8528,6 @@ load_configuration(const char *filename, named_server_t *server, server->bindkeysfile); } - /* - * Set process limits, which (usually) needs to be done as root. - */ - set_limits(maps); - /* * Check the process lockfile. */ diff --git a/bin/named/zoneconf.c b/bin/named/zoneconf.c index f7e5914fbd..795db7bf6e 100644 --- a/bin/named/zoneconf.c +++ b/bin/named/zoneconf.c @@ -1362,8 +1362,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, journal_size = -1; } } else { - isc_resourcevalue_t value; - value = cfg_obj_asuint64(obj); + uint64_t value = cfg_obj_asuint64(obj); if (value > DNS_JOURNAL_SIZE_MAX) { cfg_obj_log(obj, named_g_lctx, ISC_LOG_ERROR, "'max-journal-size " @@ -1508,8 +1507,7 @@ named_zone_configure(const cfg_obj_t *config, const cfg_obj_t *vconfig, journal_size = -1; } } else { - isc_resourcevalue_t value; - value = cfg_obj_asuint64(obj); + uint64_t value = cfg_obj_asuint64(obj); if (value > DNS_JOURNAL_SIZE_MAX) { cfg_obj_log(obj, named_g_lctx, ISC_LOG_ERROR, "'max-journal-size " diff --git a/conftools/perllib/dnsconf/DNSConf.i b/conftools/perllib/dnsconf/DNSConf.i index 7e2cf0e0e2..db548bc499 100644 --- a/conftools/perllib/dnsconf/DNSConf.i +++ b/conftools/perllib/dnsconf/DNSConf.i @@ -283,10 +283,6 @@ INT_FIELD_DEFS(recursiveclients) INT_FIELD_DEFS(minroots) INT_FIELD_DEFS(serialqueries) INT_FIELD_DEFS(sigvalidityinterval) -INT_FIELD_DEFS(datasize) -INT_FIELD_DEFS(stacksize) -INT_FIELD_DEFS(coresize) -INT_FIELD_DEFS(files) INT_FIELD_DEFS(maxcachesize) INT_FIELD_DEFS(maxncachettl) INT_FIELD_DEFS(maxcachettl) diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst index cb2bd6b71b..de69a4c0b6 100644 --- a/doc/arm/reference.rst +++ b/doc/arm/reference.rst @@ -3626,58 +3626,6 @@ options apply to zone transfers. This option acts like :any:`notify-source`, but applies to ``NOTIFY`` messages sent to IPv6 addresses. -.. _resource_limits: - -Operating System Resource Limits -^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ - -The server's usage of many system resources can be limited. Scaled -values are allowed when specifying resource limits. For example, ``1G`` -can be used instead of ``1073741824`` to specify a limit of one -gigabyte. ``unlimited`` requests unlimited use, or the maximum available -amount. ``default`` uses the limit that was in force when the server was -started. See the description of :term:`size`. - -The following options are deprecated in favor of setting the operating system -resource limits from the operating system and/or process supervisor, should not -be used, and will be rendered non-operational in a future release. - - -.. namedconf:statement:: coresize - :tags: deprecated - :short: Sets the maximum size of a core dump. - - This sets the maximum size of a core dump. The default is ``default``. - -.. namedconf:statement:: datasize - :tags: deprecated - :short: Sets the maximum amount of data memory that can be used by the server. - - This sets the maximum amount of data memory the server may use. The default is - ``default``. This is a hard limit on server memory usage; if the - server attempts to allocate memory in excess of this limit, the - allocation will fail, which may in turn leave the server unable to - perform DNS service. Therefore, this option is rarely useful as a way - to limit the amount of memory used by the server, but it can be - used to raise an operating system data size limit that is too small - by default. To limit the amount of memory used by the - server, use the :any:`max-cache-size` and :any:`recursive-clients` options - instead. - -.. namedconf:statement:: files - :tags: deprecated - :short: Sets the maximum number of files the server may have open concurrently. - - This sets the maximum number of files the server may have open concurrently. - The default is ``unlimited``. - -.. namedconf:statement:: stacksize - :tags: deprecated - :short: Sets the maximum amount of stack memory that can be used by the server. - - This sets the maximum amount of stack memory the server may use. The default is - ``default``. - .. _server_resource_limits: Server Resource Limits diff --git a/doc/man/named.conf.5in b/doc/man/named.conf.5in index dbd6e9d901..b03ef74839 100644 --- a/doc/man/named.conf.5in +++ b/doc/man/named.conf.5in @@ -152,8 +152,6 @@ options { clients\-per\-query ; cookie\-algorithm ( aes | siphash24 ); cookie\-secret ; // may occur multiple times - coresize ( default | unlimited | ); // deprecated - datasize ( default | unlimited | ); // deprecated deny\-answer\-addresses { ; ... } [ except\-from { ; ... } ]; deny\-answer\-aliases { ; ... } [ except\-from { ; ... } ]; dialup ( notify | notify\-passive | passive | refresh | ); @@ -196,7 +194,6 @@ options { fetch\-quota\-params ; fetches\-per\-server [ ( drop | fail ) ]; fetches\-per\-zone [ ( drop | fail ) ]; - files ( default | unlimited | ); // deprecated flush\-zones\-on\-shutdown ; forward ( first | only ); forwarders [ port ] [ dscp ] { ( | ) [ port ] [ dscp ]; ... }; @@ -331,7 +328,6 @@ options { sig\-signing\-type ; sig\-validity\-interval [ ]; sortlist { ; ... }; - stacksize ( default | unlimited | ); // deprecated stale\-answer\-client\-timeout ( disabled | off | ); stale\-answer\-enable ; stale\-answer\-ttl ; diff --git a/doc/misc/options b/doc/misc/options index 97462e7a2d..ce8f20a917 100644 --- a/doc/misc/options +++ b/doc/misc/options @@ -95,8 +95,6 @@ options { clients-per-query ; cookie-algorithm ( aes | siphash24 ); cookie-secret ; // may occur multiple times - coresize ( default | unlimited | ); // deprecated - datasize ( default | unlimited | ); // deprecated deny-answer-addresses { ; ... } [ except-from { ; ... } ]; deny-answer-aliases { ; ... } [ except-from { ; ... } ]; dialup ( notify | notify-passive | passive | refresh | ); @@ -139,7 +137,6 @@ options { fetch-quota-params ; fetches-per-server [ ( drop | fail ) ]; fetches-per-zone [ ( drop | fail ) ]; - files ( default | unlimited | ); // deprecated flush-zones-on-shutdown ; forward ( first | only ); forwarders [ port ] [ dscp ] { ( | ) [ port ] [ dscp ]; ... }; @@ -274,7 +271,6 @@ options { sig-signing-type ; sig-validity-interval [ ]; sortlist { ; ... }; - stacksize ( default | unlimited | ); // deprecated stale-answer-client-timeout ( disabled | off | ); stale-answer-enable ; stale-answer-ttl ; diff --git a/doc/notes/notes-current.rst b/doc/notes/notes-current.rst index e122ba5ff1..8081eb498b 100644 --- a/doc/notes/notes-current.rst +++ b/doc/notes/notes-current.rst @@ -40,14 +40,15 @@ Feature Changes - The option :any:`auto-dnssec` is deprecated and will be removed in 9.19. Please migrate to :any:`dnssec-policy`. :gl:`#3667` -- Deprecate setting the operating system limit (``coresize``, ``datasize``, +- Remove setting the operating system limit (``coresize``, ``datasize``, ``files`` and ``stacksize``) from ``named.conf``. These options should be set from the operating system (``ulimit``) or from the process supervisor (e.g. ``systemd``). :gl:`#3676` -- Deprecate setting alternate local addresses for inbound zone transfers - (:any:`alt-transfer-source`, :any:`alt-transfer-source-v6`, - :any:`use-alt-transfer-source`). :gl:`#3694` +- On startup, ``named`` will set the current number of open files to maximum + allowed by the operating system instead of trying to set it to unlimited + which worked only very briefly on Linux 2.6.28 (and was causing performance + problems and thus the change was reverted in the kernel). :gl:`#3676` Bug Fixes ~~~~~~~~~ diff --git a/fuzz/isc_lex_gettoken.in/named.conf b/fuzz/isc_lex_gettoken.in/named.conf index dd46100b6b..d00c2c526d 100644 --- a/fuzz/isc_lex_gettoken.in/named.conf +++ b/fuzz/isc_lex_gettoken.in/named.conf @@ -165,11 +165,7 @@ options { #maintain - ixfr - base no; // If yes, keep transaction log file for IXFR max - ixfr - log - size 20m; - coresize 100; - datasize 101; - files 230; max - cache - size 1m; - stacksize 231; heartbeat - interval 1001; interface - interval 1002; statistics - interval 1003; diff --git a/lib/isc/Makefile.am b/lib/isc/Makefile.am index 2d8976a363..f44a5a00dd 100644 --- a/lib/isc/Makefile.am +++ b/lib/isc/Makefile.am @@ -77,7 +77,6 @@ libisc_la_HEADERS = \ include/isc/refcount.h \ include/isc/regex.h \ include/isc/region.h \ - include/isc/resource.h \ include/isc/result.h \ include/isc/rwlock.h \ include/isc/safe.h \ @@ -189,7 +188,6 @@ libisc_la_SOURCES = \ ratelimiter.c \ regex.c \ region.c \ - resource.c \ result.c \ safe.c \ serial.c \ diff --git a/lib/isc/include/isc/resource.h b/lib/isc/include/isc/resource.h deleted file mode 100644 index dc4b2b19dc..0000000000 --- a/lib/isc/include/isc/resource.h +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * SPDX-License-Identifier: MPL-2.0 - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, you can obtain one at https://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -#pragma once - -/*! \file isc/resource.h */ - -#include -#include - -#define ISC_RESOURCE_UNLIMITED ((isc_resourcevalue_t)UINT64_MAX) - -ISC_LANG_BEGINDECLS - -isc_result_t -isc_resource_setlimit(isc_resource_t resource, isc_resourcevalue_t value); -/*%< - * Set the maximum limit for a system resource. - * - * Notes: - *\li If 'value' exceeds the maximum possible on the operating system, - * it is silently limited to that maximum -- or to "infinity", if - * the operating system has that concept. #ISC_RESOURCE_UNLIMITED - * can be used to explicitly ask for the maximum. - * - * Requires: - *\li 'resource' is a valid member of the isc_resource_t enumeration. - * - * Returns: - *\li #ISC_R_SUCCESS Success. - *\li #ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS. - *\li #ISC_R_NOPERM The calling process did not have adequate permission - * to change the resource limit. - */ - -isc_result_t -isc_resource_getlimit(isc_resource_t resource, isc_resourcevalue_t *value); -/*%< - * Get the maximum limit for a system resource. - * - * Notes: - *\li 'value' is set to the maximum limit. - * - *\li #ISC_RESOURCE_UNLIMITED is the maximum value of isc_resourcevalue_t. - * - *\li On many (all?) Unix systems, RLIM_INFINITY is a valid value that is - * significantly less than #ISC_RESOURCE_UNLIMITED, but which in practice - * behaves the same. - * - *\li The current ISC libdns configuration file parser assigns a value - * of UINT32_MAX for a size_spec of "unlimited" and ISC_UNIT32_MAX - 1 - * for "default", the latter of which is supposed to represent "the - * limit that was in force when the server started". Since these are - * valid values in the middle of the range of isc_resourcevalue_t, - * there is the possibility for confusion over what exactly those - * particular values are supposed to represent in a particular context -- - * discrete integral values or generalized concepts. - * - * Requires: - *\li 'resource' is a valid member of the isc_resource_t enumeration. - * - * Returns: - *\li #ISC_R_SUCCESS Success. - *\li #ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS. - */ - -isc_result_t -isc_resource_getcurlimit(isc_resource_t resource, isc_resourcevalue_t *value); -/*%< - * Same as isc_resource_getlimit(), but returns the current (soft) limit. - * - * Returns: - *\li #ISC_R_SUCCESS Success. - *\li #ISC_R_NOTIMPLEMENTED 'resource' is not a type known by the OS. - */ - -ISC_LANG_ENDDECLS diff --git a/lib/isc/include/isc/types.h b/lib/isc/include/isc/types.h index ecbbf48976..51a246dfab 100644 --- a/lib/isc/include/isc/types.h +++ b/lib/isc/include/isc/types.h @@ -71,14 +71,13 @@ typedef struct isc_nmsocket isc_nmsocket_t; /*%< Network manager socket */ typedef struct isc_nmhandle isc_nmhandle_t; /*%< Network manager handle */ typedef struct isc_portset isc_portset_t; /*%< Port Set */ typedef struct isc_quota isc_quota_t; /*%< Quota */ -typedef struct isc_ratelimiter isc_ratelimiter_t; /*%< Rate Limiter */ -typedef struct isc_region isc_region_t; /*%< Region */ -typedef uint64_t isc_resourcevalue_t; /*%< Resource Value */ -typedef struct isc_signal isc_signal_t; /*%< Signal handler */ -typedef struct isc_sockaddr isc_sockaddr_t; /*%< Socket Address */ -typedef ISC_LIST(isc_sockaddr_t) isc_sockaddrlist_t; /*%< Socket Address List - * */ -typedef struct isc_stats isc_stats_t; /*%< Statistics */ +typedef struct isc_ratelimiter isc_ratelimiter_t; /*%< Rate Limiter */ +typedef struct isc_region isc_region_t; /*%< Region */ +typedef struct isc_signal isc_signal_t; /*%< Signal handler */ +typedef struct isc_sockaddr isc_sockaddr_t; /*%< Socket Address */ +typedef ISC_LIST(isc_sockaddr_t) isc_sockaddrlist_t; /*%< Socket Address List + * */ +typedef struct isc_stats isc_stats_t; /*%< Statistics */ typedef int_fast64_t isc_statscounter_t; typedef struct isc_symtab isc_symtab_t; /*%< Symbol Table */ typedef struct isc_task isc_task_t; /*%< Task */ @@ -96,19 +95,6 @@ typedef struct isc_nm_http_endpoints isc_nm_http_endpoints_t; typedef void (*isc_taskaction_t)(isc_task_t *, isc_event_t *); -/*% Resource */ -typedef enum { - isc_resource_coresize = 1, - isc_resource_cputime, - isc_resource_datasize, - isc_resource_filesize, - isc_resource_lockedmemory, - isc_resource_openfiles, - isc_resource_processes, - isc_resource_residentsize, - isc_resource_stacksize -} isc_resource_t; - /*% Statistics formats (text file or XML) */ typedef enum { isc_statsformat_file, diff --git a/lib/isc/resource.c b/lib/isc/resource.c deleted file mode 100644 index f6965755db..0000000000 --- a/lib/isc/resource.c +++ /dev/null @@ -1,208 +0,0 @@ -/* - * Copyright (C) Internet Systems Consortium, Inc. ("ISC") - * - * SPDX-License-Identifier: MPL-2.0 - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, you can obtain one at https://mozilla.org/MPL/2.0/. - * - * See the COPYRIGHT file distributed with this work for additional - * information regarding copyright ownership. - */ - -#include -#include -#include -#include /* Required on some systems for . */ -#include - -#include -#include -#include - -#ifdef __linux__ -#include /* To get the large NR_OPEN. */ -#endif /* ifdef __linux__ */ - -#include "errno2result.h" - -static isc_result_t -resource2rlim(isc_resource_t resource, int *rlim_resource) { - isc_result_t result = ISC_R_SUCCESS; - - switch (resource) { - case isc_resource_coresize: - *rlim_resource = RLIMIT_CORE; - break; - case isc_resource_cputime: - *rlim_resource = RLIMIT_CPU; - break; - case isc_resource_datasize: - *rlim_resource = RLIMIT_DATA; - break; - case isc_resource_filesize: - *rlim_resource = RLIMIT_FSIZE; - break; - case isc_resource_lockedmemory: -#ifdef RLIMIT_MEMLOCK - *rlim_resource = RLIMIT_MEMLOCK; -#else /* ifdef RLIMIT_MEMLOCK */ - result = ISC_R_NOTIMPLEMENTED; -#endif /* ifdef RLIMIT_MEMLOCK */ - break; - case isc_resource_openfiles: -#ifdef RLIMIT_NOFILE - *rlim_resource = RLIMIT_NOFILE; -#else /* ifdef RLIMIT_NOFILE */ - result = ISC_R_NOTIMPLEMENTED; -#endif /* ifdef RLIMIT_NOFILE */ - break; - case isc_resource_processes: -#ifdef RLIMIT_NPROC - *rlim_resource = RLIMIT_NPROC; -#else /* ifdef RLIMIT_NPROC */ - result = ISC_R_NOTIMPLEMENTED; -#endif /* ifdef RLIMIT_NPROC */ - break; - case isc_resource_residentsize: -#ifdef RLIMIT_RSS - *rlim_resource = RLIMIT_RSS; -#else /* ifdef RLIMIT_RSS */ - result = ISC_R_NOTIMPLEMENTED; -#endif /* ifdef RLIMIT_RSS */ - break; - case isc_resource_stacksize: - *rlim_resource = RLIMIT_STACK; - break; - default: - /* - * This test is not very robust if isc_resource_t - * changes, but generates a clear assertion message. - */ - REQUIRE(resource >= isc_resource_coresize && - resource <= isc_resource_stacksize); - - result = ISC_R_RANGE; - break; - } - - return (result); -} - -isc_result_t -isc_resource_setlimit(isc_resource_t resource, isc_resourcevalue_t value) { - struct rlimit rl; - rlim_t rlim_value; - int unixresult; - int unixresource; - isc_result_t result; - - result = resource2rlim(resource, &unixresource); - if (result != ISC_R_SUCCESS) { - return (result); - } - - if (value == ISC_RESOURCE_UNLIMITED) { - rlim_value = RLIM_INFINITY; - } else { - /* - * Carefully ensure the range of rlim_t is not overflowed, by - * calculating how many bytes wider is isc_resourcevalue_t than - * rlim_t, and whether rlim_t has a sign bit. - */ - isc_resourcevalue_t rlim_max = UINT64_MAX; - size_t wider = sizeof(rlim_max) - sizeof(rlim_t); - size_t sign_bit = (size_t)(0.0 > (double)(rlim_t)-1); - - rlim_max >>= CHAR_BIT * wider + sign_bit; - rlim_value = ISC_MIN(value, rlim_max); - } - - rl.rlim_cur = rl.rlim_max = rlim_value; - unixresult = setrlimit(unixresource, &rl); - - if (unixresult == 0) { - return (ISC_R_SUCCESS); - } - -#if defined(OPEN_MAX) && defined(__APPLE__) - /* - * The Darwin kernel doesn't accept RLIM_INFINITY for rlim_cur; the - * maximum possible value is OPEN_MAX. BIND8 used to use - * sysconf(_SC_OPEN_MAX) for such a case, but this value is much - * smaller than OPEN_MAX and is not really effective. - */ - if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) { - rl.rlim_cur = OPEN_MAX; - unixresult = setrlimit(unixresource, &rl); - if (unixresult == 0) { - return (ISC_R_SUCCESS); - } - } -#elif defined(__linux__) -#ifndef NR_OPEN -#define NR_OPEN (1024 * 1024) -#endif /* ifndef NR_OPEN */ - - /* - * Some Linux kernels don't accept RLIM_INFINIT; the maximum - * possible value is the NR_OPEN defined in linux/fs.h. - */ - if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) { - rl.rlim_cur = rl.rlim_max = NR_OPEN; - unixresult = setrlimit(unixresource, &rl); - if (unixresult == 0) { - return (ISC_R_SUCCESS); - } - } -#endif /* if defined(OPEN_MAX) && defined(__APPLE__) */ - if (resource == isc_resource_openfiles && rlim_value == RLIM_INFINITY) { - if (getrlimit(unixresource, &rl) == 0) { - rl.rlim_cur = rl.rlim_max; - unixresult = setrlimit(unixresource, &rl); - if (unixresult == 0) { - return (ISC_R_SUCCESS); - } - } - } - return (isc__errno2result(errno)); -} - -isc_result_t -isc_resource_getlimit(isc_resource_t resource, isc_resourcevalue_t *value) { - int unixresource; - struct rlimit rl; - isc_result_t result; - - result = resource2rlim(resource, &unixresource); - if (result != ISC_R_SUCCESS) { - return (result); - } - - if (getrlimit(unixresource, &rl) != 0) { - return (isc__errno2result(errno)); - } - - *value = rl.rlim_max; - return (ISC_R_SUCCESS); -} - -isc_result_t -isc_resource_getcurlimit(isc_resource_t resource, isc_resourcevalue_t *value) { - int unixresource; - struct rlimit rl; - isc_result_t result; - - result = resource2rlim(resource, &unixresource); - if (result != ISC_R_SUCCESS) { - return (result); - } - - if (getrlimit(unixresource, &rl) != 0) { - return (isc__errno2result(errno)); - } - - *value = rl.rlim_cur; - return (ISC_R_SUCCESS); -} diff --git a/lib/isccfg/namedconf.c b/lib/isccfg/namedconf.c index 8336b1a58f..0ea0cf151f 100644 --- a/lib/isccfg/namedconf.c +++ b/lib/isccfg/namedconf.c @@ -1219,8 +1219,8 @@ static cfg_clausedef_t options_clauses[] = { { "blackhole", &cfg_type_bracketed_aml, 0 }, { "cookie-algorithm", &cfg_type_cookiealg, 0 }, { "cookie-secret", &cfg_type_sstring, CFG_CLAUSEFLAG_MULTI }, - { "coresize", &cfg_type_size, CFG_CLAUSEFLAG_DEPRECATED }, - { "datasize", &cfg_type_size, CFG_CLAUSEFLAG_DEPRECATED }, + { "coresize", &cfg_type_size, CFG_CLAUSEFLAG_ANCIENT }, + { "datasize", &cfg_type_size, CFG_CLAUSEFLAG_ANCIENT }, { "deallocate-on-exit", NULL, CFG_CLAUSEFLAG_ANCIENT }, { "directory", &cfg_type_qstring, CFG_CLAUSEFLAG_CALLBACK }, #ifdef HAVE_DNSTAP @@ -1237,7 +1237,7 @@ static cfg_clausedef_t options_clauses[] = { { "dscp", &cfg_type_uint32, 0 }, { "dump-file", &cfg_type_qstring, 0 }, { "fake-iquery", NULL, CFG_CLAUSEFLAG_ANCIENT }, - { "files", &cfg_type_size, CFG_CLAUSEFLAG_DEPRECATED }, + { "files", &cfg_type_size, CFG_CLAUSEFLAG_ANCIENT }, { "flush-zones-on-shutdown", &cfg_type_boolean, 0 }, #ifdef HAVE_DNSTAP { "fstrm-set-buffer-hint", &cfg_type_uint32, 0 }, @@ -1319,7 +1319,7 @@ static cfg_clausedef_t options_clauses[] = { { "session-keyfile", &cfg_type_qstringornone, 0 }, { "session-keyname", &cfg_type_astring, 0 }, { "sit-secret", NULL, CFG_CLAUSEFLAG_ANCIENT }, - { "stacksize", &cfg_type_size, CFG_CLAUSEFLAG_DEPRECATED }, + { "stacksize", &cfg_type_size, CFG_CLAUSEFLAG_ANCIENT }, { "startup-notify-rate", &cfg_type_uint32, 0 }, { "statistics-file", &cfg_type_qstring, 0 }, { "statistics-interval", NULL, CFG_CLAUSEFLAG_ANCIENT }, @@ -2651,7 +2651,7 @@ cfg_type_t cfg_type_addzoneconf = { "addzoneconf", cfg_parse_mapbody, &cfg_rep_map, addzoneconf_clausesets }; static isc_result_t -parse_unitstring(char *str, isc_resourcevalue_t *valuep) { +parse_unitstring(char *str, uint64_t *valuep) { char *endp; unsigned int len; uint64_t value; diff --git a/tests/libtest/ns.c b/tests/libtest/ns.c index 3c813fc6ba..079d80b8d7 100644 --- a/tests/libtest/ns.c +++ b/tests/libtest/ns.c @@ -30,7 +30,6 @@ #include #include #include -#include #include #include #include