From cd053a9451232999d2284e2ff23e94a5047e9c70 Mon Sep 17 00:00:00 2001 From: Andrew Morton Date: Mon, 10 May 2004 00:09:00 -0700 Subject: [PATCH] Add sysctl to define a hugetlb-capable group From: "Chen, Kenneth W" , "Seth, Rohit" This patch addresses the longstanding problem wherein Oracle needs CAP_IPC_LOCK to allocate SHM_HUGETLB shm memory, but people don't want to run Oracle as root, and capabilties are busted. Various ideas with rlimits didn't work out, mainly because these objects live beyond the lifetime of the user processes which establish them. What we do is to create root-writeable /proc/sys/vm/hugetlb_shm_group which specifies a single group ID. Users who belong to that group may allocate hugepages for SHM_HUGETLB shm segments. So the sysadmin will greate a new group, say `hugepageusers', will add the oracle user to that group and will write that group's ID into /proc/sys/vm/hugetlb_shm_group. --- include/linux/hugetlb.h | 1 + include/linux/sysctl.h | 1 + 2 files changed, 2 insertions(+) (limited to 'include/linux') diff --git a/include/linux/hugetlb.h b/include/linux/hugetlb.h index 894127b192c4..deb4fe9b202b 100644 --- a/include/linux/hugetlb.h +++ b/include/linux/hugetlb.h @@ -30,6 +30,7 @@ void free_huge_page(struct page *); extern unsigned long max_huge_pages; extern const unsigned long hugetlb_zero, hugetlb_infinity; +extern int sysctl_hugetlb_shm_group; static inline void mark_mm_hugetlb(struct mm_struct *mm, struct vm_area_struct *vma) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index d8929c6713d1..530911c3a186 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -163,6 +163,7 @@ enum VM_MAX_MAP_COUNT=22, /* int: Maximum number of mmaps/address-space */ VM_LAPTOP_MODE=23, /* vm laptop mode */ VM_BLOCK_DUMP=24, /* block dump mode */ + VM_HUGETLB_GROUP=25, /* permitted hugetlb group */ }; -- cgit v1.2.3