On Thu, 16 Sep 1999 05:05:12 -0400, Jordan Mendelson <jordy@wserv.com> said:
> A few days ago I mentioned that robust resource limits really didn't
> exist in Linux. Alan Cox (who I thought moved to the US,
Not unless the US has larger territorial ambitions than I thought. :)
> I have searched high and low and can't find a good complete resource limits
> architecture in any Unix implementation. As I see it, there should be a few
> different categories of limits:
> Per-System : Limits which are placed on all processes
> Per-Group : Limits which are placed on all processes from a group id
> Per-User : Limits which are placed on all processes from a user id
> Per-Process Group : Limits which are placed on a group of processes (shared)
> Per-Process : Limits which are placed on a process
> Per-Thread Group : Limits which are placed on a group of threads (shared)
> Per-Thread : Limits which are placed on a thread
Ouch. Now every time I want to, say, perform a page fault, the kernel
has to check the process's resident set size against 7 separate limits?
And update those 7 limits too, causing 7 separate cache misses if
another CPU is hosting another thread of the same process and wants to
do the same thing?
That is way overkill, I'm afraid. Per-process (ie. per-thread-group)
and per-user is a much more manageable set and entirely covers the main
reasons why people want this: protection against a single runaway
process, and protection against a user DoS attack.
> Is this a bit of an overkill?
No, it's a lot of an overkill. :)
--Stephen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/