From f388cad3e0c44cbbfc18bd25acb636ef24f525e6 Mon Sep 17 00:00:00 2001
From: Robert Swiecki <robert@swiecki.net>
Date: Fri, 29 Sep 2023 18:11:40 +0200
Subject: [PATCH] contain: use prlimit64 instead of setrlimit64 which seems to
 be glibc-specific, so it compiles with musl too

---
 cmdline.cc |  2 +-
 contain.cc | 40 ++++++++++++++++++++--------------------
 util.cc    |  8 ++++++++
 util.h     | 11 +++++++++++
 4 files changed, 40 insertions(+), 21 deletions(-)

diff --git a/cmdline.cc b/cmdline.cc
index 46365cf..1419412 100644
--- a/cmdline.cc
+++ b/cmdline.cc
@@ -332,7 +332,7 @@ uint64_t parseRLimit(int res, const char *optarg, unsigned long mul) {
 		return RLIM64_INFINITY;
 	}
 	struct rlimit64 cur;
-	if (getrlimit64(res, &cur) == -1) {
+	if (util::getrlimit(res, &cur) == -1) {
 		PLOG_F("getrlimit(%d)", res);
 	}
 	if (strcasecmp(optarg, "def") == 0 || strcasecmp(optarg, "soft") == 0) {
diff --git a/contain.cc b/contain.cc
index bac5152..f0c8581 100644
--- a/contain.cc
+++ b/contain.cc
@@ -141,53 +141,53 @@ static bool containSetLimits(nsjconf_t* nsjconf) {
 
 	struct rlimit64 rl;
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_as;
-	if (setrlimit64(RLIMIT_AS, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_AS, %" PRIu64 ")", nsjconf->rl_as);
+	if (util::setrlimit(RLIMIT_AS, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_AS, %" PRIu64 ")", nsjconf->rl_as);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_core;
-	if (setrlimit64(RLIMIT_CORE, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_CORE, %" PRIu64 ")", nsjconf->rl_core);
+	if (util::setrlimit(RLIMIT_CORE, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_CORE, %" PRIu64 ")", nsjconf->rl_core);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_cpu;
-	if (setrlimit64(RLIMIT_CPU, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_CPU, %" PRIu64 ")", nsjconf->rl_cpu);
+	if (util::setrlimit(RLIMIT_CPU, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_CPU, %" PRIu64 ")", nsjconf->rl_cpu);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_fsize;
-	if (setrlimit64(RLIMIT_FSIZE, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_FSIZE, %" PRIu64 ")", nsjconf->rl_fsize);
+	if (util::setrlimit(RLIMIT_FSIZE, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_FSIZE, %" PRIu64 ")", nsjconf->rl_fsize);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_nofile;
-	if (setrlimit64(RLIMIT_NOFILE, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_NOFILE, %" PRIu64 ")", nsjconf->rl_nofile);
+	if (util::setrlimit(RLIMIT_NOFILE, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_NOFILE, %" PRIu64 ")", nsjconf->rl_nofile);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_nproc;
-	if (setrlimit64(RLIMIT_NPROC, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_NPROC, %" PRIu64 ")", nsjconf->rl_nproc);
+	if (util::setrlimit(RLIMIT_NPROC, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_NPROC, %" PRIu64 ")", nsjconf->rl_nproc);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_stack;
-	if (setrlimit64(RLIMIT_STACK, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_STACK, %" PRIu64 ")", nsjconf->rl_stack);
+	if (util::setrlimit(RLIMIT_STACK, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_STACK, %" PRIu64 ")", nsjconf->rl_stack);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_mlock;
-	if (setrlimit64(RLIMIT_MEMLOCK, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_MEMLOCK, %" PRIu64 ")", nsjconf->rl_mlock);
+	if (util::setrlimit(RLIMIT_MEMLOCK, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_MEMLOCK, %" PRIu64 ")", nsjconf->rl_mlock);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_rtpr;
-	if (setrlimit64(RLIMIT_RTPRIO, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_RTPRIO, %" PRIu64 ")", nsjconf->rl_rtpr);
+	if (util::setrlimit(RLIMIT_RTPRIO, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_RTPRIO, %" PRIu64 ")", nsjconf->rl_rtpr);
 		return false;
 	}
 	rl.rlim_cur = rl.rlim_max = nsjconf->rl_msgq;
-	if (setrlimit64(RLIMIT_MSGQUEUE, &rl) == -1) {
-		PLOG_E("setrlimit64(0, RLIMIT_MSGQUEUE , %" PRIu64 ")", nsjconf->rl_msgq);
+	if (util::setrlimit(RLIMIT_MSGQUEUE, rl) == -1) {
+		PLOG_E("util::setrlimit(0, RLIMIT_MSGQUEUE , %" PRIu64 ")", nsjconf->rl_msgq);
 		return false;
 	}
 	return true;
diff --git a/util.cc b/util.cc
index c05cb50..7f9d1fc 100644
--- a/util.cc
+++ b/util.cc
@@ -337,4 +337,12 @@ long syscall(long sysno, uintptr_t a0, uintptr_t a1, uintptr_t a2, uintptr_t a3,
 	return ::syscall(sysno, a0, a1, a2, a3, a4, a5);
 }
 
+long setrlimit(int res, const struct rlimit64& newlim) {
+	return util::syscall(__NR_prlimit64, 0, res, (uintptr_t)&newlim, (uintptr_t) nullptr);
+}
+
+long getrlimit(int res, struct rlimit64* curlim) {
+	return util::syscall(__NR_prlimit64, 0, res, (uintptr_t) nullptr, (uintptr_t)curlim);
+}
+
 }  // namespace util
diff --git a/util.h b/util.h
index b0f401a..d2ebd16 100644
--- a/util.h
+++ b/util.h
@@ -26,6 +26,7 @@
 #include <stdbool.h>
 #include <stdint.h>
 #include <stdlib.h>
+#include <sys/resource.h>
 
 #include <string>
 #include <vector>
@@ -41,6 +42,14 @@
 
 #define QC(x) (util::StrQuote(x).c_str())
 
+#if !defined(RLIM64_INFINITY)
+#define RLIM64_INFINITY (~0ULL)
+struct rlimit64 {
+	uint64_t rlim_cur;
+	uint64_t rlim_max;
+};
+#endif /* !defined(RLIM64_INFINITY) */
+
 namespace util {
 
 ssize_t readFromFd(int fd, void* buf, size_t len);
@@ -60,6 +69,8 @@ const std::string timeToStr(time_t t);
 std::vector<std::string> strSplit(const std::string str, char delim);
 long syscall(long sysno, uintptr_t a0 = 0, uintptr_t a1 = 0, uintptr_t a2 = 0, uintptr_t a3 = 0,
     uintptr_t a4 = 0, uintptr_t a5 = 0);
+long setrlimit(int res, const struct rlimit64& newlim);
+long getrlimit(int res, struct rlimit64* curlim);
 
 }  // namespace util