Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3596311pxk; Mon, 21 Sep 2020 19:18:29 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwxTT/GwS7QsOy2dNpDxttz8tqIAbO+ISHwz6WWCgi3AMH6pR+k2Q3s5Gym1nkdr6GHU0FY X-Received: by 2002:a17:906:4e82:: with SMTP id v2mr2651807eju.218.1600741109584; Mon, 21 Sep 2020 19:18:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600741109; cv=none; d=google.com; s=arc-20160816; b=gAQXF+ZtF3tVM6/Y/fR4FA2XqtoFuX7b/qnc3+1luvlC1PjnuWYJX0gNECMb6ASsnE b0fuLWTTNHqbWDOKawRtHj9JvrtZMVfrsp+t2AXrPUXW3+AsOwMZziyHoyMhL1E5Uk1O WAo1qrJubb2XnXida6A0yMW2PcncznXeejV8hQID9TAX4/ptOhNHtucy94UsbtTBnvIk gGmDFPhvP0289pqMDisMMQ+mqxqQjJ9YTwllrciwWT+YWgzHq5xYC9xrGPuvf/NjFsKI BFfh3c4yI92ezDJf8LtJBWFYMJJMpIjRLeBx+hHSzC7wPv//z2K3a1qVzX85aitM/qzA pzUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature; bh=m8E8Vf5qksBX37a4kASi4E/iaS+WWUnkAWa42nHAhjg=; b=Z+G3UnilhRjvyAWB4ZqH3FO4WVNHjeoY7iTa6G9HHm3KVfCStkYep0Aeott/OA4vNR 0zV3KvkY3/dHJUT/Grvs3vXJPBH9W+Nz7f3k0mlqy+57wC+k95iuFriMV9Y0lauVxB4q Auyrz4JkOb23HtHtyFikVPTPVyYb70BuBfyytUxJuRo/RleBgRweQNeDwQqyPYy8PCTh xFRdQnSB8TDgi+i/cqRX+xVwATLtMW3yy9777iutxl+6qAKsKJo9mo57CLmsCdPbp4Py xUEH3NvECIEyyhriFC4XAEki9796imB0CmFvl7FGVyt2Wj1m6vl0HTSqlOVkeupv+XuQ hiaQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@infradead.org header.s=merlin.20170209 header.b=qiS7ovRS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id cc16si2951122edb.65.2020.09.21.19.18.06; Mon, 21 Sep 2020 19:18:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@infradead.org header.s=merlin.20170209 header.b=qiS7ovRS; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729079AbgIVBET (ORCPT + 99 others); Mon, 21 Sep 2020 21:04:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54802 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728518AbgIVBET (ORCPT ); Mon, 21 Sep 2020 21:04:19 -0400 Received: from merlin.infradead.org (merlin.infradead.org [IPv6:2001:8b0:10b:1231::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 71919C061755; Mon, 21 Sep 2020 18:04:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=merlin.20170209; h=Content-Transfer-Encoding:Content-Type: In-Reply-To:MIME-Version:Date:Message-ID:From:References:Cc:To:Subject:Sender :Reply-To:Content-ID:Content-Description; bh=m8E8Vf5qksBX37a4kASi4E/iaS+WWUnkAWa42nHAhjg=; b=qiS7ovRSDJLAlLlHxV8YScSA/D ADYpxv41falafRgnGRUfs95YRpjVnTMh/me+7fWgiWuwphbH+xkqtQATwDX+1AsL130ahDXvu1aTG QBZvocvQjkSgnt78eqsOiHoP6SyNIs5ckBxnzEsIPBuvIiLDOFan4mIFq3VH0rUSGRBR/W8ZAsmlE XgFb4CMnINWDpFB1CagNZ+fqhivG8Bdwwyf6ttEKg5z1+98W37Se7NAYxxo93bw21hrxn9ny43Bmw dhMtbytyrQuWEec9D2pvXQTRNcM5WaLpBQB6O3kpKWgdOPq9XzKTd4ztQJ/stzoa4eekv5tAl3t3+ AxamSgRw==; Received: from [2601:1c0:6280:3f0:897c:6038:c71d:ecac] by merlin.infradead.org with esmtpsa (Exim 4.92.3 #3 (Red Hat Linux)) id 1kKWj7-0004eS-Db; Tue, 22 Sep 2020 01:04:13 +0000 Subject: Re: [RFC Patch 1/2] KVM: SVM: Create SEV cgroup controller. To: Vipin Sharma , thomas.lendacky@amd.com, pbonzini@redhat.com, sean.j.christopherson@intel.com, tj@kernel.org, lizefan@huawei.com Cc: joro@8bytes.org, corbet@lwn.net, brijesh.singh@amd.com, jon.grimm@amd.com, eric.vantassell@amd.com, gingell@google.com, rientjes@google.com, kvm@vger.kernel.org, x86@kernel.org, cgroups@vger.kernel.org, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, Dionna Glaze , Erdem Aktas References: <20200922004024.3699923-1-vipinsh@google.com> <20200922004024.3699923-2-vipinsh@google.com> From: Randy Dunlap Message-ID: <94c3407d-07ca-8eaf-4073-4a5e2a3fb7b8@infradead.org> Date: Mon, 21 Sep 2020 18:04:04 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.12.0 MIME-Version: 1.0 In-Reply-To: <20200922004024.3699923-2-vipinsh@google.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On 9/21/20 5:40 PM, Vipin Sharma wrote: > diff --git a/init/Kconfig b/init/Kconfig > index d6a0b31b13dc..1a57c362b803 100644 > --- a/init/Kconfig > +++ b/init/Kconfig > @@ -1101,6 +1101,20 @@ config CGROUP_BPF > BPF_CGROUP_INET_INGRESS will be executed on the ingress path of > inet sockets. > > +config CGROUP_SEV > + bool "SEV ASID controller" > + depends on KVM_AMD_SEV > + default n > + help > + Provides a controller for AMD SEV ASIDs. This controller limits and > + shows the total usage of SEV ASIDs used in encrypted VMs on AMD > + processors. Whenever a new encrypted VM is created using SEV on an > + AMD processor, this controller will check the current limit in the > + cgroup to which the task belongs and will deny the SEV ASID if the > + cgroup has already reached its limit. > + > + Say N if unsure. Something here (either in the bool prompt string or the help text) should let a reader know w.t.h. SEV means. Without having to look in other places... thanks. -- ~Randy