diff options
author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-11-08 12:03:23 +0100 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2019-11-10 23:22:15 +0100 |
commit | ee19c8073345877c6cb9e6fa760660b82b71558d (patch) | |
tree | 432732e6ea7d8bea3fffc68f88649bf45be4acd4 /src/test/test-bpf-firewall.c | |
parent | d3472f9b50d76545f93f90662d1abd815e0a4c90 (diff) | |
download | systemd-ee19c8073345877c6cb9e6fa760660b82b71558d.tar.gz |
test-bpf-firewall: do not mlock() a large amount of memory
64MB is not that much, but let's not be greedy, esp. because we may run
many things in parallel.
Also, rlim_cur should never be higher than rlim_max, so let's simplify our
code.
Diffstat (limited to 'src/test/test-bpf-firewall.c')
-rw-r--r-- | src/test/test-bpf-firewall.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/test/test-bpf-firewall.c b/src/test/test-bpf-firewall.c index 3155cd24cf..9fd1b429db 100644 --- a/src/test/test-bpf-firewall.c +++ b/src/test/test-bpf-firewall.c @@ -16,8 +16,8 @@ #include "unit.h" #include "virt.h" -/* We use the same limit here that PID 1 bumps RLIMIT_MEMLOCK to if it can */ -#define CAN_MEMLOCK_SIZE (64U*1024U*1024U) +/* We use the small but non-trivial limit here */ +#define CAN_MEMLOCK_SIZE (512 * 1024U) static bool can_memlock(void) { void *p; @@ -64,7 +64,7 @@ int main(int argc, char *argv[]) { return log_tests_skipped("test-bpf-firewall fails inside LXC and Docker containers: https://github.com/systemd/systemd/issues/9666"); assert_se(getrlimit(RLIMIT_MEMLOCK, &rl) >= 0); - rl.rlim_cur = rl.rlim_max = MAX3(rl.rlim_cur, rl.rlim_max, CAN_MEMLOCK_SIZE); + rl.rlim_cur = rl.rlim_max = MAX(rl.rlim_max, CAN_MEMLOCK_SIZE); (void) setrlimit(RLIMIT_MEMLOCK, &rl); if (!can_memlock()) |