Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp3136244rdg;
        Tue, 17 Oct 2023 05:58:24 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IH/+C2bGUzjt+Rj0PC/6fzqAHKtM26wSB3aYIuMtJ1DsL7xV6e/GgsfKJr7dTv6XehcGYqy
X-Received: by 2002:a05:6359:8094:b0:142:f1d5:ef89 with SMTP id re20-20020a056359809400b00142f1d5ef89mr2294463rwb.5.1697547504642;
        Tue, 17 Oct 2023 05:58:24 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1697547504; cv=none;
        d=google.com; s=arc-20160816;
        b=BIrBasN6h+a9mfbWOniuizi16A6SiAV5d6SdG4gkzRlUV9fJe/fyzLGZNNxItpc+1s
         0i0i3N+X/Tg5YUFfk3Mdqtf3tfDubLu0XnDRve96TTefleksko29/R1xY4YU0FBB6+3y
         rKUViTdUrE9RfnlIgozh/ps4ugfZgS44KdosrIbkXejlItoPMPTciP3GzOWBL7Mu/lR8
         YlaGGDuloitPqc0QcOkw8lWvK/kXNa5DGEM3z0+OH6aDl1rILgaTbQzzc/ulA2nXlN7f
         7iQwE5FLbkSb6OmxypxWSfbZ+pJxWTqu8xL5Rq7zW4h8ZChljwafmKX9w+UM41p+7U6u
         VwYw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:user-agent:in-reply-to:message-id:organization
         :from:content-transfer-encoding:mime-version:date:references:subject
         :cc:to:dkim-signature;
        bh=Rh4av9ZBvRLmRywjSu7xTs3WHU0gvxg9oepAX9FuQZo=;
        fh=BrG4V6GIh432FGJbIp5V6sKlECnZ0t8xonlPv3nXmcU=;
        b=k1+zyejyndP71ehppBpwYepBicCBP3xmEXesIgVT8o/Q7S881GK9SvDPg3qmbyZgq4
         NhRKWQGzqvvwv+Pb+XmDDK5Xb+SNric90zyjX171Y9piWarSzbDywOX0abX6j2VNqliE
         c5KKj8J+v7YMLLlFFYMDw6sj4TiRehC0xR1cqp8YzHqav1F/SalNUEK0M90zUJ4tY1SQ
         GGbe9IjK3xE5aKJPbD4T6Q13omvYdu3YFeJQNa4+y0k7h5a5im6/cro041JG2dOW628Q
         6KgFagCvDhd/JdFu4dAP45+M+dYX4sMFBO0JGf/mDQOeYQ0R5yzKSV0aXbpj2wsiA10x
         7Iqw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=PXMSmTDy;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from fry.vger.email (fry.vger.email. [23.128.96.38])
        by mx.google.com with ESMTPS id u15-20020a056a00098f00b006bd2084d6ddsi1631046pfg.100.2023.10.17.05.58.24
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 17 Oct 2023 05:58:24 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) client-ip=23.128.96.38;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=PXMSmTDy;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by fry.vger.email (Postfix) with ESMTP id 3F53280A2348;
	Tue, 17 Oct 2023 05:58:22 -0700 (PDT)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1343704AbjJQM6M (ORCPT <rfc822;0x7f454c46@gmail.com>
        + 99 others); Tue, 17 Oct 2023 08:58:12 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33550 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S234939AbjJQM6K (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 17 Oct 2023 08:58:10 -0400
Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.24])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 677EEF1;
        Tue, 17 Oct 2023 05:58:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1697547488; x=1729083488;
  h=to:cc:subject:references:date:mime-version:
   content-transfer-encoding:from:message-id:in-reply-to;
  bh=I32QFltBg3yPBXTGLQ6KOLaePjTdxzeZg3SlmfoCBW0=;
  b=PXMSmTDyrJZGO8k6mHU6vGsSzqTGt2R3yzEbpQqNETcXIZXcp5lgAw4I
   melWZGO1fXinHIATBkRsx4SB+jznNoGWRtA6yxM3wqOTXLmnj3xL1DugZ
   VtuX6whPktwXURUZb6EUKvwaXVRfd1a+0zVxsdDYnYan21MIit/geRpp4
   x6EXuwozrag0ge8CE3trRMjKzLHrmZZbQDOG0r/SgtVgGVXUWq3XA6ljP
   2JQ03QMNzo4MYC3nV7ZqEUEmfOF1WxPE2R1DfNvMkT4pELuB/UIWQ6BDZ
   vX/XshBDYn9p7x1j2jY3NbTJQdbgrhdKefBHe6TcCpiCcA1j23eDZTtUn
   A==;
X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="388632763"
X-IronPort-AV: E=Sophos;i="6.03,232,1694761200"; 
   d="scan'208";a="388632763"
Received: from orsmga007.jf.intel.com ([10.7.209.58])
  by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Oct 2023 05:58:08 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6600,9927,10866"; a="749677569"
X-IronPort-AV: E=Sophos;i="6.03,232,1694761200"; 
   d="scan'208";a="749677569"
Received: from hhuan26-mobl.amr.corp.intel.com ([10.92.17.92])
  by orsmga007-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-SHA; 17 Oct 2023 05:58:04 -0700
Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes
To:     "Christopherson,, Sean" <seanjc@google.com>,
        "Huang, Kai" <kai.huang@intel.com>
Cc:     "Zhang, Bo" <zhanb@microsoft.com>,
        "linux-sgx@vger.kernel.org" <linux-sgx@vger.kernel.org>,
        "cgroups@vger.kernel.org" <cgroups@vger.kernel.org>,
        "yangjie@microsoft.com" <yangjie@microsoft.com>,
        "dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
        "Li, Zhiquan1" <zhiquan1.li@intel.com>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        "mingo@redhat.com" <mingo@redhat.com>,
        "tglx@linutronix.de" <tglx@linutronix.de>,
        "tj@kernel.org" <tj@kernel.org>,
        "anakrish@microsoft.com" <anakrish@microsoft.com>,
        "jarkko@kernel.org" <jarkko@kernel.org>,
        "hpa@zytor.com" <hpa@zytor.com>,
        "mikko.ylinen@linux.intel.com" <mikko.ylinen@linux.intel.com>,
        "Mehta, Sohil" <sohil.mehta@intel.com>,
        "bp@alien8.de" <bp@alien8.de>, "x86@kernel.org" <x86@kernel.org>,
        "kristen@linux.intel.com" <kristen@linux.intel.com>
Subject: Re: [PATCH v5 12/18] x86/sgx: Add EPC OOM path to forcefully reclaim
 EPC
References: <20230923030657.16148-1-haitao.huang@linux.intel.com>
 <20230923030657.16148-13-haitao.huang@linux.intel.com>
 <1b265d0c9dfe17de2782962ed26a99cc9d330138.camel@intel.com>
 <ZSSZaFrxvCvR1SOy@google.com>
 <06142144151da06772a9f0cc195a3c8ffcbc07b7.camel@intel.com>
 <1f7a740f3acff8a04ec95be39864fb3e32d2d96c.camel@intel.com>
 <op.2clydbf8wjvjmi@hhuan26-mobl.amr.corp.intel.com>
 <631f34613bcc8b5aa41cf519fa9d76bcd57a7650.camel@intel.com>
 <op.2cpecbevwjvjmi@hhuan26-mobl.amr.corp.intel.com>
 <aa404549c7e292dd2ec93a5e6a8c9d6d880c06b3.camel@intel.com>
 <op.2cxatlafwjvjmi@hhuan26-mobl.amr.corp.intel.com>
 <35a7fde056037a40b3b4b170e2ecd45bf8c4ba9f.camel@intel.com>
 <op.2cxmq7c2wjvjmi@hhuan26-mobl.amr.corp.intel.com>
 <915907d56861ef4aa7f9f68e0eb8d136a60bee39.camel@intel.com>
Date:   Tue, 17 Oct 2023 07:58:02 -0500
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From:   "Haitao Huang" <haitao.huang@linux.intel.com>
Organization: Intel
Message-ID: <op.2cyma0e9wjvjmi@hhuan26-mobl.amr.corp.intel.com>
In-Reply-To: <915907d56861ef4aa7f9f68e0eb8d136a60bee39.camel@intel.com>
User-Agent: Opera Mail/1.0 (Win32)
X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no
	version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Tue, 17 Oct 2023 05:58:22 -0700 (PDT)

On Mon, 16 Oct 2023 20:34:57 -0500, Huang, Kai <kai.huang@intel.com> wrote:

> On Mon, 2023-10-16 at 19:10 -0500, Haitao Huang wrote:
>> On Mon, 16 Oct 2023 16:09:52 -0500, Huang, Kai <kai.huang@intel.com>  
>> wrote:
>> [...]
>>
>> > still need to fix the bug mentioned above here.
>> >
>> > I really think you should just go this simple way:
>> >
>> > When you want to take EPC back from VM, kill the VM.
>> >
>>
>> My only concern is that this is a compromise due to current limitation  
>> (no
>> other sane way to take EPC from VMs). If we define this behavior and it
>> becomes a contract to user space, then we can't change in future.
>
> Why do we need to "define such behaviour"?
>
> This isn't some kinda of kernel/userspace ABI IMHO, but only kernel  
> internal
> implementation.  Here VM is similar to normal host enclaves.  You limit  
> the
> resource, some host enclaves could be killed.  Similarly, VM could also  
> be
> killed too.
>
> And supporting VMM EPC oversubscription doesn't mean VM won't be  
> killed.  The VM
> can still be a target to kill after VM's all EPC pages have been swapped  
> out.
>
>>
>> On the other hand, my understanding the reason you want this behavior is
>> to enforce EPC limit at runtime.
>
> No I just thought this is a bug/issue needs to be fixed.  If anyone  
> believes
> this is not a bug/issue then it's a separate discussion.
>

AFAIK, before we introducing max_write() callback in this series, no misc  
controller would possibly enforce the limit when misc.max is reduced. e.g.  
I don't think CVMs be killed when ASID limit is reduced and the cgroup was  
full before limit is reduced.

I think EPC pages to VMs could have the same behavior, once they are given  
to a guest, never taken back by the host. For enclaves on host side, pages  
are reclaimable, that allows us to enforce in a similar way to memcg.

Thanks
Haitao