On Mon, 5 Dec 2011 19:35:00 -0200 Glauber Costa <glommer@xxxxxxxxxxxxx> wrote: > This patch uses the "tcp.limit_in_bytes" field of the kmem_cgroup to > effectively control the amount of kernel memory pinned by a cgroup. > > This value is ignored in the root cgroup, and in all others, > caps the value specified by the admin in the net namespaces' > view of tcp_sysctl_mem. > > If namespaces are being used, the admin is allowed to set a > value bigger than cgroup's maximum, the same way it is allowed > to set pretty much unlimited values in a real box. > > Signed-off-by: Glauber Costa <glommer@xxxxxxxxxxxxx> > CC: David S. Miller <davem@xxxxxxxxxxxxx> > CC: Hiroyouki Kamezawa <kamezawa.hiroyu@xxxxxxxxxxxxxx> > CC: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> Reviewed-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@xxxxxxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe cgroups" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
