Nils,

Thanks for looking this over.

Nils Nieuwejaar wrote:
On Wed 08/16/06 at 09:10 AM, [EMAIL PROTECTED] wrote:
[...]
        dedicated-memory
[...]
                physical: A positive decimal number or a range with a required
[...]
                virtual: This accepts the same numbers as the 'physical'
                        property.  This will set the 'mset.minswap' and
                        'mset.maxswap' properties on the temporary mset.

Why not just call this 'swap'?  'virtual' memory has an established
definition that does not match this usage.  With this naming, I guarantee
we are going to get calls from confused customers wanting to know why
firefox has something mapped at 0xC000000 when they set a 'virtual memory'
limit of 1GB.

We can do that.  I think we picked virtual when Steve and I were talking
about this.  This is not in phase 1 of the project so we haven't spent
as much time on it.  Let me run this past Steve but we'll probably go ahead
and update the proposal to use swap.

4) Enable rcapd to limit zone memory while running in the global zone [9]

        Currently, to use rcapd(1M) to limit zone memory consumption, the
        rcapd process must be run within the zone.  While useful in some
        configurations, in situations where the zone administrator is
        untrusted, this is ineffective, since the zone administrator could
        simply change the rcapd limit.

        We will enhance rcapd so that it can limit each zone's memory
        consumption while it is running in the global zone.  This closes the
        rcapd loophole described above and allows the global zone administrator
        to set memory caps that can be enforced by a single, trusted process.

Currently rcapd will not run in a Linux zone.  This change will also allow
you to apply rcapd limits to branded zones.

Good point.  I will add that to the description.

Thanks again,
Jerry

_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org

Reply via email to