diff options
author | netblue30 <netblue30@yahoo.com> | 2019-09-29 19:03:16 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2019-09-29 19:03:16 -0400 |
commit | bef5d86a10ec8f75fe341abb6ad58948107ec56e (patch) | |
tree | 9218e8adfd88dc3a7807e34759f6db2e864907dd | |
parent | Update evince (diff) | |
download | firejail-bef5d86a10ec8f75fe341abb6ad58948107ec56e.tar.gz firejail-bef5d86a10ec8f75fe341abb6ad58948107ec56e.tar.zst firejail-bef5d86a10ec8f75fe341abb6ad58948107ec56e.zip |
increase socket buffer size for firemon, bug #2700
-rw-r--r-- | src/firemon/firemon.c | 4 | ||||
-rw-r--r-- | src/firemon/firemon.h | 3 | ||||
-rw-r--r-- | src/firemon/procevent.c | 31 | ||||
-rw-r--r-- | src/firemon/usage.c | 1 | ||||
-rw-r--r-- | src/man/firemon.txt | 3 |
5 files changed, 35 insertions, 7 deletions
diff --git a/src/firemon/firemon.c b/src/firemon/firemon.c index b3c435d9e..dad3b0afb 100644 --- a/src/firemon/firemon.c +++ b/src/firemon/firemon.c | |||
@@ -26,6 +26,7 @@ | |||
26 | #include <sys/stat.h> | 26 | #include <sys/stat.h> |
27 | 27 | ||
28 | pid_t skip_process = 0; | 28 | pid_t skip_process = 0; |
29 | int arg_debug = 0; | ||
29 | static int arg_route = 0; | 30 | static int arg_route = 0; |
30 | static int arg_arp = 0; | 31 | static int arg_arp = 0; |
31 | static int arg_tree = 0; | 32 | static int arg_tree = 0; |
@@ -142,7 +143,8 @@ int main(int argc, char **argv) { | |||
142 | printf("firemon version %s\n\n", VERSION); | 143 | printf("firemon version %s\n\n", VERSION); |
143 | return 0; | 144 | return 0; |
144 | } | 145 | } |
145 | 146 | else if (strcmp(argv[i], "--debug") == 0) | |
147 | arg_debug = 1; | ||
146 | // options without a pid argument | 148 | // options without a pid argument |
147 | else if (strcmp(argv[i], "--top") == 0) | 149 | else if (strcmp(argv[i], "--top") == 0) |
148 | arg_top = 1; | 150 | arg_top = 1; |
diff --git a/src/firemon/firemon.h b/src/firemon/firemon.h index 2e5647c2f..7f8bc698c 100644 --- a/src/firemon/firemon.h +++ b/src/firemon/firemon.h | |||
@@ -29,6 +29,9 @@ | |||
29 | #include "../include/pid.h" | 29 | #include "../include/pid.h" |
30 | #include "../include/common.h" | 30 | #include "../include/common.h" |
31 | 31 | ||
32 | // main.c | ||
33 | extern int arg_debug; | ||
34 | |||
32 | // clear screen | 35 | // clear screen |
33 | static inline void firemon_clrscr(void) { | 36 | static inline void firemon_clrscr(void) { |
34 | printf("\033[2J\033[1;1H"); | 37 | printf("\033[2J\033[1;1H"); |
diff --git a/src/firemon/procevent.c b/src/firemon/procevent.c index b79f12362..762d22514 100644 --- a/src/firemon/procevent.c +++ b/src/firemon/procevent.c | |||
@@ -173,6 +173,20 @@ static int procevent_netlink_setup(void) { | |||
173 | if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) | 173 | if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) |
174 | goto errexit; | 174 | goto errexit; |
175 | 175 | ||
176 | // set a large socket rx buffer | ||
177 | // the regular default value as set in /proc/sys/net/core/rmem_default will fill the | ||
178 | // buffer much quicker than we can process it | ||
179 | int bsize = 1024 * 1024; // 1MB | ||
180 | socklen_t blen = sizeof(int); | ||
181 | if (setsockopt(sock, SOL_SOCKET, SO_RCVBUFFORCE, &bsize, blen) == -1) | ||
182 | fprintf(stderr, "Warning: cannot set rx buffer size, using default system value\n"); | ||
183 | else if (arg_debug) { | ||
184 | if (getsockopt(sock, SOL_SOCKET, SO_RCVBUF, &bsize, &blen) == -1) | ||
185 | fprintf(stderr, "Error: cannot read rx buffer size\n"); | ||
186 | else | ||
187 | printf("rx buffer size %d\n", bsize / 2); // the value returned is duble the real one, see man 7 socket | ||
188 | } | ||
189 | |||
176 | // send monitoring message | 190 | // send monitoring message |
177 | struct nlmsghdr nlmsghdr; | 191 | struct nlmsghdr nlmsghdr; |
178 | memset(&nlmsghdr, 0, sizeof(nlmsghdr)); | 192 | memset(&nlmsghdr, 0, sizeof(nlmsghdr)); |
@@ -244,14 +258,19 @@ static int procevent_monitor(const int sock, pid_t mypid) { | |||
244 | } | 258 | } |
245 | 259 | ||
246 | 260 | ||
247 | if ((len = recv(sock, buf, sizeof(buf), 0)) == 0) { | 261 | if ((len = recv(sock, buf, sizeof(buf), 0)) == 0) |
248 | return 0; | 262 | return 0; |
249 | } | ||
250 | if (len == -1) { | 263 | if (len == -1) { |
251 | if (errno == EINTR) { | 264 | if (errno == EINTR) |
252 | return 0; | 265 | continue; |
253 | } else { | 266 | else if (errno == ENOBUFS) { |
254 | fprintf(stderr,"recv: %s\n", strerror(errno)); | 267 | // rx buffer is full, the kernel started dropping messages |
268 | printf("*** Waning *** - message burst received, not all events are printed\n"); | ||
269 | //return -1; | ||
270 | continue; | ||
271 | } | ||
272 | else { | ||
273 | fprintf(stderr,"Error: rx socket recv call, errno %d, %s\n", errno, strerror(errno)); | ||
255 | return -1; | 274 | return -1; |
256 | } | 275 | } |
257 | } | 276 | } |
diff --git a/src/firemon/usage.c b/src/firemon/usage.c index 3b9fe96c0..196fc32c3 100644 --- a/src/firemon/usage.c +++ b/src/firemon/usage.c | |||
@@ -31,6 +31,7 @@ static char *help_str = | |||
31 | "\t--caps - print capabilities configuration for each sandbox.\n\n" | 31 | "\t--caps - print capabilities configuration for each sandbox.\n\n" |
32 | "\t--cgroup - print control group information for each sandbox.\n\n" | 32 | "\t--cgroup - print control group information for each sandbox.\n\n" |
33 | "\t--cpu - print CPU affinity for each sandbox.\n\n" | 33 | "\t--cpu - print CPU affinity for each sandbox.\n\n" |
34 | "\t--debug - print debug messages.\n\n" | ||
34 | "\t--help, -? - this help screen.\n\n" | 35 | "\t--help, -? - this help screen.\n\n" |
35 | "\t--interface - print network interface information for each sandbox.\n\n" | 36 | "\t--interface - print network interface information for each sandbox.\n\n" |
36 | "\t--list - list all sandboxes.\n\n" | 37 | "\t--list - list all sandboxes.\n\n" |
diff --git a/src/man/firemon.txt b/src/man/firemon.txt index 214fcac44..40a00ec3f 100644 --- a/src/man/firemon.txt +++ b/src/man/firemon.txt | |||
@@ -25,6 +25,9 @@ Print control group information for each sandbox. | |||
25 | \fB\-\-cpu | 25 | \fB\-\-cpu |
26 | Print CPU affinity for each sandbox. | 26 | Print CPU affinity for each sandbox. |
27 | .TP | 27 | .TP |
28 | \fB\-\-debug | ||
29 | Print debug messages | ||
30 | .TP | ||
28 | \fB\-?\fR, \fB\-\-help\fR | 31 | \fB\-?\fR, \fB\-\-help\fR |
29 | Print options end exit. | 32 | Print options end exit. |
30 | .TP | 33 | .TP |