On Fri, Jun 16, 2000 at 01:43:51PM -0500, Sam Watters wrote:
> In addition to the registration functions, the PAGG changes provide
> hooks for updating process aggregate containers when processes fork and
> exit. In addition, a new paggctl system call is proposed to allow the
> following types of services:
>
> 1) creation of a new pagg container
> 2) signal all processes that are attached to the pagg container
> 3) wait for the completion of all processes in the pagg container
> 4) future resource limit capabilities based upon pagg container
That could be very useful. Linux is lacking
useful per user/group resource (memory, ports, processes) limitation support
at the moment[1]. This allows various local DoS attacks.
I guess your group accounting module is rather heavyweight. Having your hooks
support a minimal default resource manager too would be useful.
For that it would be probably need more hooks than just in fork/exit; for
example one in the page allocator. Does the existing code support resource
limitation ?
-Andi
[1] There are the beancounter patches, but they seem to be outdated now.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jun 23 2000 - 21:00:12 EST