[Devel] Re: [PATCH 2/7] BC: kconfig
Randy.Dunlap
rdunlap at xenotime.net
Tue Aug 29 21:05:46 PDT 2006
On Tue, 29 Aug 2006 18:51:20 +0400 Kirill Korotaev wrote:
> Add kernel/bc/Kconfig file with BC options and
> include it into arch Kconfigs
>
> ---
> init/Kconfig | 2 ++
> kernel/bc/Kconfig | 25 +++++++++++++++++++++++++
> 2 files changed, 27 insertions(+)
>
> --- ./init/Kconfig.bckm 2006-07-10 12:39:10.000000000 +0400
> +++ ./init/Kconfig 2006-07-28 14:10:41.000000000 +0400
> @@ -222,6 +222,8 @@ source "crypto/Kconfig"
>
> Say N if unsure.
>
> +source "kernel/bc/Kconfig"
> +
> config SYSCTL
> bool
>
> --- ./kernel/bc/Kconfig.bckm 2006-07-28 13:07:38.000000000 +0400
> +++ ./kernel/bc/Kconfig 2006-07-28 13:09:51.000000000 +0400
> @@ -0,0 +1,25 @@
> +#
> +# Resource beancounters (BC)
> +#
> +# Copyright (C) 2006 OpenVZ. SWsoft Inc
> +
> +menu "User resources"
> +
> +config BEANCOUNTERS
> + bool "Enable resource accounting/control"
> + default n
> + help
> + When Y this option provides accounting and allows to configure
"allows" needs an object after it, like "you" or "one".
> + limits for user's consumption of exhaustible system resources.
> + The most important resource controlled by this patch is unswappable
> + memory (either mlock'ed or used by internal kernel structures and
> + buffers). The main goal of this patch is to protect processes
> + from running short of important resources because of an accidental
drop "an"
> + misbehavior of processes or malicious activity aiming to ``kill''
> + the system. It's worth to mention that resource limits configured
s/to mention/mentioning/
> + by setrlimit(2) do not give an acceptable level of protection
> + because they cover only small fraction of resources and work on a
"only a small fraction"
> + per-process basis. Per-process accounting doesn't prevent malicious
> + users from spawning a lot of resource-consuming processes.
> +
> +endmenu
and there are several lines that end with <space> (don't do that :).
---
~Randy
More information about the Devel
mailing list