From: Dave Hansen <haveblue@us.ibm.com>

This patch makes vm_enough_memory(), more likely return failure when 
overcommit_memory==0 and !CAP_SYS_ADMIN.  I'm not sure it's worth having
another tunable just for this.

I also reworked the documentation a bit.  It should be a lot clearer to
read now.



 Documentation/sysctl/vm.txt            |   15 +++++++++------
 Documentation/vm/overcommit-accounting |    4 +++-
 mm/mmap.c                              |    6 ++++++
 3 files changed, 18 insertions(+), 7 deletions(-)

diff -puN Documentation/sysctl/vm.txt~overcommit-root-margin Documentation/sysctl/vm.txt
--- 25/Documentation/sysctl/vm.txt~overcommit-root-margin	2003-05-17 16:12:40.000000000 -0700
+++ 25-akpm/Documentation/sysctl/vm.txt	2003-05-17 16:12:40.000000000 -0700
@@ -35,17 +35,20 @@ See Documentation/filesystems/proc.txt
 overcommit_memory:
 
 This value contains a flag that enables memory overcommitment.
-When this flag is 0, the kernel checks before each malloc()
-to see if there's enough memory left. If the flag is nonzero,
-the system pretends there's always enough memory.
+
+When this flag is 0, the kernel attempts to estimate the amount
+of free memory left when userspace requests more memory.
+
+When this flag is 1, the kernel pretends there is always enough
+memory until it actually runs out.
+
+When this flag is 2, the kernel uses a "strict overcommit" 
+policy that attempts to prevent any overcommit of memory.  
 
 This feature can be very useful because there are a lot of
 programs that malloc() huge amounts of memory "just-in-case"
 and don't use much of it.
 
-A value  of 2 introduces a new "strict overcommit" policy
-that attempts to prevent any overcommit of memory.
-
 The default value is 0.
 
 See Documentation/vm/overcommit-accounting and
diff -puN Documentation/vm/overcommit-accounting~overcommit-root-margin Documentation/vm/overcommit-accounting
--- 25/Documentation/vm/overcommit-accounting~overcommit-root-margin	2003-05-17 16:12:40.000000000 -0700
+++ 25-akpm/Documentation/vm/overcommit-accounting	2003-05-17 16:12:40.000000000 -0700
@@ -3,7 +3,9 @@ The Linux kernel supports three overcomm
 0	-	Heuristic overcommit handling. Obvious overcommits of
 		address space are refused. Used for a typical system. It
 		ensures a seriously wild allocation fails while allowing
-		overcommit to reduce swap usage.  This is the default.
+		overcommit to reduce swap usage.  root is allowed to 
+		allocate slighly more memory in this mode. This is the 
+		default.
 
 1	-	No overcommit handling. Appropriate for some scientific
 		applications.
diff -puN mm/mmap.c~overcommit-root-margin mm/mmap.c
--- 25/mm/mmap.c~overcommit-root-margin	2003-05-17 16:12:40.000000000 -0700
+++ 25-akpm/mm/mmap.c	2003-05-17 16:12:40.000000000 -0700
@@ -93,6 +93,12 @@ int vm_enough_memory(long pages)
 		free += (inodes_stat.nr_unused * sizeof(struct inode)) >>
 			PAGE_SHIFT;
 
+		/*
+		 * Leave the last 3% for root
+		 */
+		if (!capable(CAP_SYS_ADMIN))
+			free -= free / 32;
+		
 		if (free > pages)
 			return 1;
 		vm_unacct_memory(pages);

_