#include "planetlab.h"
static int
-create_context(xid_t ctx, uint64_t bcaps, struct sliver_resources *slr)
+create_context(xid_t ctx, uint64_t bcaps)
{
struct vc_ctx_caps vc_caps;
- struct vc_net_nx vc_net;
struct vc_net_flags vc_nf;
/* Create network context */
- if (vc_net_create(ctx) == VC_NOCTX)
+ if (vc_net_create(ctx) == VC_NOCTX) {
+ if (errno == EEXIST)
+ goto process;
return -1;
+ }
/* Make the network context persistent */
vc_nf.mask = vc_nf.flagword = VC_NXF_PERSISTENT;
if (vc_set_nflags(ctx, &vc_nf))
return -1;
- /* XXX: Allow access to all IPv4 addresses (for now) */
- vc_net.type = vcNET_IPV4;
- vc_net.count = 1;
- vc_net.ip[0] = 0;
- vc_net.mask[0] = 0;
- if (vc_net_add(ctx, &vc_net) == -1)
- return -1;
-
+process:
/*
* Create context info - this sets the STATE_SETUP and STATE_INIT flags.
*/
if (vc_set_ccaps(ctx, &vc_caps))
return -1;
- pl_set_limits(ctx, slr);
+ if (pl_setsched(ctx, 1, 0) < 0) {
+ PERROR("pl_setsched(%u)", ctx);
+ exit(1);
+ }
return 0;
}
#define RETRY_LIMIT 10
int
-pl_chcontext(xid_t ctx, uint64_t bcaps, struct sliver_resources *slr)
+pl_chcontext(xid_t ctx, uint64_t bcaps, const struct sliver_resources *slr)
{
int retry_count = 0;
int net_migrated = 0;
+ pl_set_ulimits(slr);
+
for (;;)
{
struct vc_ctx_flags vc_flags;
return -1;
/* context doesn't exist - create it */
- if (create_context(ctx, bcaps,slr))
+ if (create_context(ctx, bcaps))
{
if (errno == EEXIST)
/* another process beat us in a race */
#define VSERVERCONF "/etc/vservers/"
void
-pl_get_limits(char *context, struct sliver_resources *slr)
+pl_get_limits(const char *context, struct sliver_resources *slr)
{
FILE *fb;
int cwd;
struct pl_resources *r;
struct pl_resources sliver_list[] = {
{"sched/fill-rate2", &slr->vs_cpu},
- {"sched/fill-rate", &slr->vs_cpuguaranteed},
-
+
{"rlimits/nproc.hard", &slr->vs_nproc.hard},
{"rlimits/nproc.soft", &slr->vs_nproc.soft},
{"rlimits/nproc.min", &slr->vs_nproc.min},
{"rlimits/openfd.soft", &slr->vs_openfd.soft},
{"rlimits/openfd.min", &slr->vs_openfd.min},
- {"whitelisted", &slr->vs_whitelisted},
-
- {"bcapabilities", NULL},
{0,0}
};
sprintf(conf, "%s%s", VSERVERCONF, context);
- slr->vs_cpu = VC_LIM_KEEP;
- slr->vs_cpuguaranteed = 0;
-
slr->vs_rss.hard = VC_LIM_KEEP;
slr->vs_rss.soft = VC_LIM_KEEP;
slr->vs_rss.min = VC_LIM_KEEP;
slr->vs_as.soft = VC_LIM_KEEP;
slr->vs_as.min = VC_LIM_KEEP;
-
slr->vs_nproc.hard = VC_LIM_KEEP;
slr->vs_nproc.soft = VC_LIM_KEEP;
slr->vs_nproc.min = VC_LIM_KEEP;
slr->vs_openfd.soft = VC_LIM_KEEP;
slr->vs_openfd.min = VC_LIM_KEEP;
- slr->vs_whitelisted = 1;
-
- slr->vs_capabilities.bcaps = 0;
- slr->vs_capabilities.bmask = 0;
- slr->vs_capabilities.ccaps = 0;
- slr->vs_capabilities.cmask = 0;
-
cwd = open(".", O_RDONLY);
if (cwd == -1) {
perror("cannot get a handle on .");
fb = fopen(r->name, "r");
if (fb == NULL)
continue;
- /* XXX: UGLY. */
- if (strcmp(r->name, "bcapabilities") == 0) {
- size_t len, i;
- struct vc_err_listparser err;
-
- len = fread(buf, 1, sizeof(buf), fb);
- for (i = 0; i < len; i++) {
- if (buf[i] == '\n')
- buf[i] = ',';
- }
- vc_list2bcap(buf, len, &err, &slr->vs_capabilities);
- }
- else
- if (fgets(buf, sizeof(buf), fb) != NULL && isdigit(*buf))
- *r->limit = atoi(buf);
+ if (fgets(buf, sizeof(buf), fb) != NULL && isdigit(*buf))
+ *r->limit = atoi(buf);
fclose(fb);
}
}
int
-adjust_lim(struct vc_rlimit *vcr, struct rlimit *lim)
+adjust_lim(const struct vc_rlimit *vcr, struct rlimit *lim)
{
int adjusted = 0;
if (vcr->min != VC_LIM_KEEP) {
return adjusted;
}
-void
-pl_set_limits(xid_t ctx, struct sliver_resources *slr)
+static inline void
+set_one_ulimit(int resource, const struct vc_rlimit *limit)
{
- struct rlimit lim; /* getrlimit values */
- unsigned long long vs_cpu;
- uint32_t cpu_sched_flags;
-
- if (slr != 0) {
- /* set memory limits */
- getrlimit(RLIMIT_RSS,&lim);
- if (adjust_lim(&slr->vs_rss, &lim)) {
- setrlimit(RLIMIT_RSS, &lim);
- if (vc_set_rlimit(ctx, RLIMIT_RSS, &slr->vs_rss))
- {
- PERROR("pl_setrlimit(%u, RLIMIT_RSS)", ctx);
- exit(1);
- }
- }
-
- /* set address space limits */
- getrlimit(RLIMIT_AS,&lim);
- if (adjust_lim(&slr->vs_as, &lim)) {
- setrlimit(RLIMIT_AS, &lim);
- if (vc_set_rlimit(ctx, RLIMIT_AS, &slr->vs_as))
- {
- PERROR("pl_setrlimit(%u, RLIMIT_AS)", ctx);
- exit(1);
- }
- }
- /* set nrpoc limit */
- getrlimit(RLIMIT_NPROC,&lim);
- if (adjust_lim(&slr->vs_nproc, &lim)) {
- setrlimit(RLIMIT_NPROC, &lim);
- if (vc_set_rlimit(ctx, RLIMIT_NPROC, &slr->vs_nproc))
- {
- PERROR("pl_setrlimit(%u, RLIMIT_NPROC)", ctx);
- exit(1);
- }
- }
+ struct rlimit lim;
+ getrlimit(resource, &lim);
+ adjust_lim(limit, &lim);
+ setrlimit(resource, &lim);
+}
- /* set openfd limit */
- getrlimit(RLIMIT_NOFILE,&lim);
- if (adjust_lim(&slr->vs_openfd, &lim)) {
- setrlimit(RLIMIT_NOFILE, &lim);
- if (vc_set_rlimit(ctx, RLIMIT_NOFILE, &slr->vs_openfd))
- {
- PERROR("pl_setrlimit(%u, RLIMIT_NOFILE)", ctx);
- exit(1);
- }
- if (vc_set_rlimit(ctx, VC_VLIMIT_OPENFD, &slr->vs_openfd))
- {
- PERROR("pl_setrlimit(%u, VLIMIT_OPENFD)", ctx);
- exit(1);
- }
- }
- vs_cpu = slr->vs_cpu;
- cpu_sched_flags = slr->vs_cpuguaranteed & VS_SCHED_CPU_GUARANTEED;
+void
+pl_set_ulimits(const struct sliver_resources *slr)
+{
+ if (!slr)
+ return;
- slr->vs_capabilities.bmask = vc_get_insecurebcaps();
- if (vc_set_ccaps(ctx, &slr->vs_capabilities) < 0) {
- PERROR("pl_setcaps(%u)", ctx);
- exit(1);
- }
- } else {
- vs_cpu = 1;
- cpu_sched_flags = 0;
- }
-
- if (pl_setsched(ctx, vs_cpu, cpu_sched_flags) < 0) {
- PERROR("pl_setsched(%u)", ctx);
- exit(1);
- }
+ set_one_ulimit(RLIMIT_RSS, &slr->vs_rss);
+ set_one_ulimit(RLIMIT_AS, &slr->vs_as);
+ set_one_ulimit(RLIMIT_NPROC, &slr->vs_nproc);
+ set_one_ulimit(RLIMIT_NOFILE, &slr->vs_openfd);
}