Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp2833341rdg; Mon, 16 Oct 2023 17:09:31 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGEdlDgxrjSqoEI7MEDADYGje0z0U4mWx0vXDq0ILZ13KQTA4spSjKm5ujTzVl9HcqLQ1BP X-Received: by 2002:a17:90a:1c88:b0:27d:57d:dcb8 with SMTP id t8-20020a17090a1c8800b0027d057ddcb8mr646992pjt.47.1697501371001; Mon, 16 Oct 2023 17:09:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697501370; cv=none; d=google.com; s=arc-20160816; b=Sg4Xm3ZKk2wuo0TGng0HFiUXdWksyApQl050xdtrw7el/91HW1i/ozk/vR3S/sSZZJ UV590QdIqz+JQ+x5Ypt7eBbtakB48CqnxQmPp5XNGVliqNxyC1eMNJaMq+M1Flif+IbP u/uAHfCHd1Na9o+sJY+V+NVbMFnJndZBgndH8k1vyjDVMPvI/0UEuAk7nHO0ncRx4/IM b1QBpN+4Kyro83jvwLV6HfM5WcKaV/PAMe2YHePqd1fABazBMHnDzkkGLbhGylgyRnm/ bf1U9vRUdmu8FrS1COy345ehfqz3uCLmmspyOQjscl5KXs9YWdVdaDyWy1ZBzhNVwmAV u34A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:message-id:organization :from:content-transfer-encoding:mime-version:date:references:subject :cc:to:dkim-signature; bh=oNW2sCh48vZqtepYwYXcISJx7dA/g0eD9CnZMpJs/i0=; fh=jLEhYDooJF8fWfTes4DpRDr8G/LAh41ALGhL2+Ltruo=; b=ztJSrHGKhj67sQpnGV17ou7YMElUi1f7bI9eXViwKcQ1jPKtyYA3RtB0kNtGSBSG/1 PGApinG8WaomidZiKA3OKSNI2VN7fnn6JL1tF6iLrzJ4gCpuB/OQhuqKc9Nc+xgdn+ll CkPvAA0ueMXeuNkX7MUwfCQ3EZUGT2QnGdeeh0ofK43rgszzp3SAIL12C7r2csi3U/pn z7OX1hUDEPW3tLQCl1DmyCGtSIMi6YTWXes3em55+z9vpX+oVEezM0d7LSinqbB5O7JV iCZCn5iv9XkSq4ZFl1XK9weuSyZFO2NwkBvavghpsy0EAEQY9Z1Kc5dgowdC6qNZDonH mf0Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=XCcd8jxY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from morse.vger.email (morse.vger.email. [23.128.96.31]) by mx.google.com with ESMTPS id bu23-20020a632957000000b005a1d8815fefsi466082pgb.187.2023.10.16.17.09.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 16 Oct 2023 17:09:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) client-ip=23.128.96.31; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=XCcd8jxY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.31 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by morse.vger.email (Postfix) with ESMTP id C935680440C8; Mon, 16 Oct 2023 17:09:28 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at morse.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233714AbjJQAJL (ORCPT + 99 others); Mon, 16 Oct 2023 20:09:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42780 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232096AbjJQAJK (ORCPT ); Mon, 16 Oct 2023 20:09:10 -0400 Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2D48D92; Mon, 16 Oct 2023 17:09:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1697501349; x=1729037349; h=to:cc:subject:references:date:mime-version: content-transfer-encoding:from:message-id:in-reply-to; bh=156Vrx2+XHjHglrddNuXHYlGZ2Y4gw7x8LsBHYyeQQw=; b=XCcd8jxYaNl/CFoFVJmsVvi/WpC8LYZQTKBlORWu0L1YGan2PNg3mjkY 6TP58q6cHtKMNPn0RzDSvyzZl6f4a3am1Vo4kz+eUd+/4uuGV+px/0EtF hiP35Z/+P9ENgugeZi1wvOGmkpnwv/q5wij4zIch2XK6oI9Fs8+JV7FqD 0lPaLnNuqGuWlTHvK6LmJae0V3il9t8xYkuSNoXli9LVXZSulaoh6i62i lrlEIf2bMD6gGFmYzsFVNzvcpvScPYVr3lPaWOyvG+V/DVhiaUF7QbU+B pmy2AFfSuNeWU9RmFWjm6zGW4OGnspUMJxHSG+pmY3Okb1Q1lOo/+dEyT Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="376036887" X-IronPort-AV: E=Sophos;i="6.03,230,1694761200"; d="scan'208";a="376036887" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Oct 2023 17:09:08 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10865"; a="755882542" X-IronPort-AV: E=Sophos;i="6.03,230,1694761200"; d="scan'208";a="755882542" Received: from hhuan26-mobl.amr.corp.intel.com ([10.92.17.92]) by orsmga002-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-SHA; 16 Oct 2023 17:09:06 -0700 Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes To: "Sean Christopherson" Cc: "Kai Huang" , "Bo Zhang" , "linux-sgx@vger.kernel.org" , "cgroups@vger.kernel.org" , "yangjie@microsoft.com" , "dave.hansen@linux.intel.com" , "Zhiquan1 Li" , "linux-kernel@vger.kernel.org" , "mingo@redhat.com" , "tglx@linutronix.de" , "tj@kernel.org" , "anakrish@microsoft.com" , "jarkko@kernel.org" , "hpa@zytor.com" , "mikko.ylinen@linux.intel.com" , "Sohil Mehta" , "bp@alien8.de" , "x86@kernel.org" , "kristen@linux.intel.com" Subject: Re: [PATCH v5 12/18] x86/sgx: Add EPC OOM path to forcefully reclaim EPC References: <20230923030657.16148-13-haitao.huang@linux.intel.com> <1b265d0c9dfe17de2782962ed26a99cc9d330138.camel@intel.com> <06142144151da06772a9f0cc195a3c8ffcbc07b7.camel@intel.com> <1f7a740f3acff8a04ec95be39864fb3e32d2d96c.camel@intel.com> <631f34613bcc8b5aa41cf519fa9d76bcd57a7650.camel@intel.com> Date: Mon, 16 Oct 2023 19:09:04 -0500 MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Haitao Huang" Organization: Intel Message-ID: In-Reply-To: User-Agent: Opera Mail/1.0 (Win32) X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Mon, 16 Oct 2023 17:09:29 -0700 (PDT) Hi Sean On Mon, 16 Oct 2023 16:32:31 -0500, Sean Christopherson wrote: > On Mon, Oct 16, 2023, Haitao Huang wrote: >> From this perspective, I think the current implementation is >> "well-defined": >> EPC cgroup limits for VMs are only enforced at VM launch time, not >> runtime. >> In practice, SGX VM can be launched only with fixed EPC size and all >> those >> EPCs are fully committed to the VM once launched. > > Fully committed doesn't mean those numbers are reflected in the cgroup. > A VM > scheduler can easily "commit" EPC to a guest, but allocate EPC on > demand, i.e. > when the guest attempts to actually access a page. Preallocating memory > isn't > free, e.g. it can slow down guest boot, so it's entirely reasonable to > have virtual > EPC be allocated on-demand. Enforcing at launch time doesn't work for > such setups, > because from the cgroup's perspective, the VM is using 0 pages of EPC at > launch. > Maybe I understood the current implementation wrong. From what I see, vEPC is impossible not fully commit at launch time. The guest would EREMOVE all pages during initialization resulting #PF and all pages allocated. This essentially makes "prealloc=off" the same as "prealloc=on". Unless you are talking about some custom OS or kernel other than upstream Linux here? Thanks Haitap