Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp922127rdg; Wed, 11 Oct 2023 09:05:37 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGuy3x/eMucntgsz7/vU0crBaBNjN7STKop9ukyV40HqAKIOcCLYJ7X/Xn+B0APpPIBuDlm X-Received: by 2002:a17:903:41c1:b0:1c3:c687:478c with SMTP id u1-20020a17090341c100b001c3c687478cmr28765733ple.8.1697040337214; Wed, 11 Oct 2023 09:05:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697040337; cv=none; d=google.com; s=arc-20160816; b=HJXHtEB00Y8vqyGAPtVk2c2Zvh1/YBEZO7N545gjsXAVKLEVTY4/+MHTbNnxbzVl0C x+qSn30jNMM+04P7p3ZA5EnMo4jsK65sqRZqmOchCiOkKVB9GwDMAJoCpSdR3MSDa9eZ nfpHMjIGFofjA6Ipoq5aoSZcGyYy5smKEDoz1wDcTAPT8OzhuGAY2MvL0B99AfHNlq0O LI7QU5r0Er+SfyfYRIMgEw0mgsJJnnQq/Tkl2TGUeQcvOSPHB6GNG83D9YD76N9D84DN Sq0sNUFuZfRa4QFS+muKF/esy/rp8VADzW6Pp4nTYexaOzSzhsYKo2zVvnNsDt+jcgFA V8+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:message-id:organization :from:content-transfer-encoding:mime-version:date:references:subject :cc:to:dkim-signature; bh=pk+gOtMZSX1m78fWGJwfLuerICHXm68ztNME/l3W/+g=; fh=7EyztiEOh6wA5x0gRxMSqlUE8JlkZb2ZZeqjGapw/cE=; b=hW9KVLxHYwrZrLpflgqme4XSwgE+CvEIQAkCZeG7+LQyIgZzLYvlJ1hG7g2YxGXYX2 PP3VBtWUSrpvAMV9UuDOSIkPGmOHhnxPk/YLW6ioBcvFNzFrpU8lGaniyhUxsNJhNJSo 1EoZ1VHC+Q5bWZXl8HFI1ovYQ8roiydIitunC0tFAWZr2o5r7ZDTtxLc6XM29oObReKs +Di3txzf6wpzq9ZcKJRYcxa+oh1NfF8uYLyZZDix1iyuIpMZlI/9Kb9qjSTWq7kDhKJG oALf2CPSlwKysu5R4LmWvXOgLWV4pL/0a4p+iRwB1SQnp25LkbIRp7eXks4Q/i25YbfN qfWA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=m27ZUF+o; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from fry.vger.email (fry.vger.email. [23.128.96.38]) by mx.google.com with ESMTPS id n4-20020a1709026a8400b001c9cc838d72si32720plk.125.2023.10.11.09.05.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 11 Oct 2023 09:05:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) client-ip=23.128.96.38; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=m27ZUF+o; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id CF1D28022C93; Wed, 11 Oct 2023 09:05:10 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234961AbjJKQE7 (ORCPT + 99 others); Wed, 11 Oct 2023 12:04:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46866 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232345AbjJKQE6 (ORCPT ); Wed, 11 Oct 2023 12:04:58 -0400 Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.100]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E15079D; Wed, 11 Oct 2023 09:04:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697040296; x=1728576296; h=to:cc:subject:references:date:mime-version: content-transfer-encoding:from:message-id:in-reply-to; bh=inxQ3IranDcT46Lz+YqsdFYxNjUb8dv9j72WAW4wQlI=; b=m27ZUF+o1gWw7R+i6U3fDCvmJeyvJwQFcnWSUSNK+SoR3wWWPdlDfwai jmb7ppkSV6aH+Np7wroDCs3cdv18De6aWVim8N1v7GXR480/sIv2x61Q4 +DixMdzCB9MLPZ8DWYqHvzWDpCPafd5XCIJ8VZJSdfTs2v343weuu5ttO C+FK1ukKrFAAUqER3+ysnkTgvdo/dbeN0DyZSDKX6i+S936TwNA8oEuk0 W7TCwOd3U6yrCIjgrxkYybmI171qYQUNgqHBPDpVvJTfNqBeV9hhdszwz YWEVKBVqBylnV00HXcJMYk8UWgGp/AVEDxcdVepe3ibL7JmCeng7io+DS A==; X-IronPort-AV: E=McAfee;i="6600,9927,10860"; a="451193463" X-IronPort-AV: E=Sophos;i="6.03,216,1694761200"; d="scan'208";a="451193463" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 11 Oct 2023 09:04:56 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10860"; a="877736596" X-IronPort-AV: E=Sophos;i="6.03,216,1694761200"; d="scan'208";a="877736596" Received: from hhuan26-mobl.amr.corp.intel.com ([10.92.96.100]) by orsmga004-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-SHA; 11 Oct 2023 09:04:54 -0700 Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes To: "Mehta, Sohil" , "linux-sgx@vger.kernel.org" , "x86@kernel.org" , "dave.hansen@linux.intel.com" , "cgroups@vger.kernel.org" , "hpa@zytor.com" , "mingo@redhat.com" , "tj@kernel.org" , "bp@alien8.de" , "tglx@linutronix.de" , "jarkko@kernel.org" , "linux-kernel@vger.kernel.org" , "Huang, Kai" Cc: "kristen@linux.intel.com" , "yangjie@microsoft.com" , "Li, Zhiquan1" , "Christopherson,, Sean" , "mikko.ylinen@linux.intel.com" , "Zhang, Bo" , "anakrish@microsoft.com" Subject: Re: [PATCH v5 12/18] x86/sgx: Add EPC OOM path to forcefully reclaim EPC References: <20230923030657.16148-1-haitao.huang@linux.intel.com> <20230923030657.16148-13-haitao.huang@linux.intel.com> <1b265d0c9dfe17de2782962ed26a99cc9d330138.camel@intel.com> <8593359034d9173be5efd9c055ea782e44fbcdad.camel@intel.com> Date: Wed, 11 Oct 2023 11:04:53 -0500 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Haitao Huang" Organization: Intel Message-ID: In-Reply-To: <8593359034d9173be5efd9c055ea782e44fbcdad.camel@intel.com> User-Agent: Opera Mail/1.0 (Win32) X-Spam-Status: No, score=2.8 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Wed, 11 Oct 2023 09:05:11 -0700 (PDT) X-Spam-Level: ** On Tue, 10 Oct 2023 19:31:19 -0500, Huang, Kai wrote: > On Tue, 2023-10-10 at 12:05 -0500, Haitao Huang wrote: >> On Mon, 09 Oct 2023 21:12:27 -0500, Huang, Kai >> wrote: >> >> > >> > > > > > >> > > > > Later the hosting process could migrated/reassigned to another >> > > cgroup? >> > > > > What to do when the new cgroup is OOM? >> > > > > >> > > > >> > > > You addressed in the documentation, no? >> > > > >> > > > +Migration >> > > > +--------- >> > > > + >> > > > +Once an EPC page is charged to a cgroup (during allocation), it >> > > > +remains charged to the original cgroup until the page is released >> > > > +or reclaimed. Migrating a process to a different cgroup doesn't >> > > > +move the EPC charges that it incurred while in the previous >> cgroup >> > > > +to its new cgroup. >> > > >> > > Should we kill the enclave though because some VA pages may be in >> the >> > > new >> > > group? >> > > >> > >> > I guess acceptable? >> > >> > And any difference if you keep VA/SECS to unreclaimabe list? >> >> Tracking VA/SECS allows all cgroups, in which an enclave has allocation, >> to identify the enclave following the back pointer and kill it as >> needed. >> >> > If you migrate one >> > enclave to another cgroup, the old EPC pages stay in the old cgroup >> > while the >> > new one is charged to the new group IIUC. >> > >> > I am not cgroup expert, but by searching some old thread it appears >> this >> > isn't a >> > supported model: >> > >> > https://lore.kernel.org/lkml/YEyR9181Qgzt+Ps9@mtj.duckdns.org/ >> > >> >> IIUC it's a different problem here. If we don't track the allocated VAs >> in >> the new group, then the enclave that spans the two groups can't be >> killed >> by the new group. If so, some enclave could just hide in some small >> group >> and never gets killed but keeps allocating in a different group? >> > > I mean from the link above IIUC migrating enclave among different > cgroups simply > isn't a supported model, thus any bad behaviour isn't a big concern in > terms of > decision making. If we leave some pages in a cgroup unkillable, we are in the same situation of not able to enforce a cgroup limit as that we are are in if we don't kill VMs for lower limits. I think not supporting migration of pages between cgroups should not leave a gap for enforcement just like we don't want to have an enforcement gap if we let VMs to hold pages once it is launched. Haitao