diff --git a/cmd/ocitools/validate.go b/cmd/ocitools/validate.go
index 0fab50202..246979aab 100644
--- a/cmd/ocitools/validate.go
+++ b/cmd/ocitools/validate.go
@@ -361,6 +361,11 @@ func checkLinux(spec rspec.Spec, rootfs string, hostCheck bool) (msgs []string)
 		}
 	}
 
+	if spec.Linux.Resources != nil {
+		ms := checkLinuxResources(*spec.Linux.Resources, hostCheck)
+		msgs = append(msgs, ms...)
+	}
+
 	if spec.Linux.Seccomp != nil {
 		ms := checkSeccomp(*spec.Linux.Seccomp)
 		msgs = append(msgs, ms...)
@@ -381,6 +386,21 @@ func checkLinux(spec rspec.Spec, rootfs string, hostCheck bool) (msgs []string)
 	return
 }
 
+func checkLinuxResources(r rspec.Resources, hostCheck bool) (msgs []string) {
+	logrus.Debugf("check linux resources")
+
+	if r.Memory != nil {
+		if r.Memory.Limit != nil && r.Memory.Swap != nil && uint64(*r.Memory.Limit) > uint64(*r.Memory.Swap) {
+			msgs = append(msgs, fmt.Sprintf("Minimum memoryswap should be larger than memory limit"))
+		}
+		if r.Memory.Limit != nil && r.Memory.Reservation != nil && uint64(*r.Memory.Reservation) > uint64(*r.Memory.Limit) {
+			msgs = append(msgs, fmt.Sprintf("Minimum memory limit should be larger than memory reservation"))
+		}
+	}
+
+	return
+}
+
 func checkSeccomp(s rspec.Seccomp) (msgs []string) {
 	logrus.Debugf("check seccomp")