From: Andrew Morton
Date: Thu Apr 01 2004 - 13:37:00 EST
William Lee Irwin III <wli@xxxxxxxxxxxxxx> wrote:
> On Thu, Apr 01, 2004 at 08:48:25AM -0800, William Lee Irwin III wrote:
> >> Something like this would have the minor advantage of zero core impact.
> >> Testbooted only. vs. 2.6.5-rc3-mm4
> On Thu, Apr 01, 2004 at 06:59:52PM +0200, Andrea Arcangeli wrote:
> > I certainly like this too (despite it's more complicated but it might
> > avoid us to have to add further sysctl in the future), Andrew what do
> > you prefer to merge? I don't mind either ways.
What is the Oracle requirement in detail?
If it's for access to hugetlbfs then there are the uid= and gid= mount
If it's for access to SHM_HUGETLB then there was some discussion about
extending the uid= thing to shm, but nothing happened. This could be
If it's just generally for the ability to mlock lots of memory then
RLIMIT_MEMLOCK would be preferable. I don't see why we'd need the sysctl
when `ulimit -m' is available? (Where is that patch btw?)
> There are a couple of off-by-ones in there I've got fixes for below.
Using the security framework is neat. There are currently large spinlock
contention problems in avc_has_perm_noaudit() which I suspect will make
SELinux problematic in some server environments. But I trust it is
possible to disable SELinux in config while using Bill's security module?
I guess we could live with sysctl which simply nukes CAP_IPC_LOCK, but it
has to be the when-all-else-failed option, yes?
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/