diff --git a/config-linux.md b/config-linux.md
index f7723c74c..428412bca 100644
--- a/config-linux.md
+++ b/config-linux.md
@@ -163,7 +163,7 @@ In addition to any devices configured with this setting, the runtime MUST also s
 ## Control groups
 
 Also known as cgroups, they are used to restrict resource usage for a container and handle device access.
-cgroups provide controls to restrict cpu, memory, IO, pids and network for the container.
+cgroups provide controls to restrict cpu, memory, IO, pids, network and intel_rdt for the container.
 For more information, see the [kernel cgroups documentation][cgroup-v1].
 
 The path to the cgroups can be specified in the Spec via `cgroupsPath`.
@@ -454,6 +454,23 @@ The following paramters can be specified to setup the controller:
    }
 ```
 
+#### Intel rdt 
+
+`intelRdt` represents the cgroup subsystem `intel_rdt`.
+For more information, see [the intel_rdt cgroup man page](https://lkml.org/lkml/2015/12/17/574).
+
+The following paramters can be specified to setup the controller:
+
+* **`l3Cbm`** *(uint64, optional)* - specifies L3 cache capacity bitmask (CBM) in the cgroup
+
+###### Example
+
+```json
+   "intelRdt": {
+        "l3Cbm": 4080 
+   }
+```
+
 ## Sysctl
 
 sysctl allows kernel parameters to be modified at runtime for the container.
diff --git a/config_linux.go b/config_linux.go
index 72027112f..95899ebd2 100644
--- a/config_linux.go
+++ b/config_linux.go
@@ -211,6 +211,12 @@ type Network struct {
 	Priorities []InterfacePriority `json:"priorities,omitempty"`
 }
 
+// IntelRdt for Linux cgroup 'intel_rdt' resource management
+type IntelRdt struct {
+	// L3 cache capacity bitmask (CBM) for container
+	L3Cbm *uint64 `json:"l3Cbm,omitempty"`
+}
+
 // Resources has container runtime resource constraints
 type Resources struct {
 	// Devices are a list of device rules for the whitelist controller
@@ -231,6 +237,8 @@ type Resources struct {
 	HugepageLimits []HugepageLimit `json:"hugepageLimits,omitempty"`
 	// Network restriction configuration
 	Network *Network `json:"network,omitempty"`
+	// IntelRdt restriction configuration
+	IntelRdt *IntelRdt `json:"intelRdt,omitempty"`
 }
 
 // Device represents the mknod information for a Linux special device file