MCPcopy
hub / github.com/google/gvisor / Set

Method Set

pkg/sentry/limits/limits.go:217–235  ·  view source on GitHub ↗

Set assigns value v to resource of LimitType t and returns the old value. privileged should be true only when either the caller has CAP_SYS_RESOURCE or when creating limits for a new kernel.

(t LimitType, v Limit, privileged bool)

Source from the content-addressed store, hash-verified

215// privileged should be true only when either the caller has CAP_SYS_RESOURCE
216// or when creating limits for a new kernel.
217func (l *LimitSet) Set(t LimitType, v Limit, privileged bool) (Limit, error) {
218 l.mu.Lock()
219 defer l.mu.Unlock()
220
221 // If a limit is already set, make sure the new limit doesn't
222 // exceed the previous max limit.
223 if _, ok := l.data[t]; ok {
224 // Unprivileged users can only lower their hard limits.
225 if l.data[t].Max < v.Max && !privileged {
226 return Limit{}, unix.EPERM
227 }
228 if v.Cur > v.Max {
229 return Limit{}, unix.EINVAL
230 }
231 }
232 old := l.data[t]
233 l.data[t] = v
234 return old, nil
235}

Callers 3

TestSetFunction · 0.95
TestBrkDataLimitUpdatesFunction · 0.95
runTestFunction · 0.95

Calls 2

LockMethod · 0.65
UnlockMethod · 0.65

Tested by 3

TestSetFunction · 0.76
TestBrkDataLimitUpdatesFunction · 0.76
runTestFunction · 0.76