summaryrefslogtreecommitdiffhomepage
path: root/pkg/sentry/fs/mount_overlay.go
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2019-04-17 12:56:23 -0700
committerShentubot <shentubot@google.com>2019-04-17 12:57:40 -0700
commitc8cee7108f1a1b37e89961c6dd69ccab97952c86 (patch)
tree57565d1df112795354487f636d42b9bca5a231e2 /pkg/sentry/fs/mount_overlay.go
parent08d99c5fbea76ecc92038280387d24ecdf7ed814 (diff)
Use FD limit and file size limit from host
FD limit and file size limit is read from the host, instead of using hard-coded defaults, given that they effect the sandbox process. Also limit the direct cache to use no more than half if the available FDs. PiperOrigin-RevId: 244050323 Change-Id: I787ad0fdf07c49d589e51aebfeae477324fe26e6
Diffstat (limited to 'pkg/sentry/fs/mount_overlay.go')
-rw-r--r--pkg/sentry/fs/mount_overlay.go11
1 files changed, 10 insertions, 1 deletions
diff --git a/pkg/sentry/fs/mount_overlay.go b/pkg/sentry/fs/mount_overlay.go
index 4c89673b5..fb60a1aec 100644
--- a/pkg/sentry/fs/mount_overlay.go
+++ b/pkg/sentry/fs/mount_overlay.go
@@ -31,10 +31,19 @@ type overlayMountSourceOperations struct {
func newOverlayMountSource(upper, lower *MountSource, flags MountSourceFlags) *MountSource {
upper.IncRef()
lower.IncRef()
- return NewMountSource(&overlayMountSourceOperations{
+ msrc := NewMountSource(&overlayMountSourceOperations{
upper: upper,
lower: lower,
}, &overlayFilesystem{}, flags)
+
+ // Use the minimum number to keep resource usage under limits.
+ size := lower.fscache.maxSize
+ if size > upper.fscache.maxSize {
+ size = upper.fscache.maxSize
+ }
+ msrc.fscache.setMaxSize(size)
+
+ return msrc
}
// Revalidate implements MountSourceOperations.Revalidate for an overlay by