Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp3247152rdg; Tue, 17 Oct 2023 08:43:24 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGZAW4fV1g4cRsBj8K2zvci0+V19QZm1o3gc/xLQzigCmJuJGC42UP//qCg5koGJXfZDXeC X-Received: by 2002:a05:6359:5ea0:b0:166:d379:93c1 with SMTP id px32-20020a0563595ea000b00166d37993c1mr2421591rwb.20.1697557404567; Tue, 17 Oct 2023 08:43:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697557404; cv=none; d=google.com; s=arc-20160816; b=dByLUGubuaqE7tB9K+QdHbeIztepdfzWTsfiQgpO7u8ZNqK2DXXhRumOpL661vv6Oq QQBcOvT3yqPPFQGeeqM5DUHFIdBpPXSBTSjhnuv/fgouWNP7fClDmfWA5dPIs68xI6/5 aqub8THBw+zJViMpJaWO1C3Z58iOwrQ9JKzjU0BIca4mm0cdWLrCtq7rJpIwj70mJRM0 4eB2T5INn4D7nOMx1mB1yPJAxeIJHG3GLZBrN2BWd4lMYSbq2PiocOTMAkS7emQ4y/WD RnGammgCzilrCzZIpjkjF7dJeEzZfvJN+4HmUdmgKuxmWHIEtD8vKBfcRvviz1UuBa+F FLiw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:references :mime-version:in-reply-to:date:dkim-signature; bh=afIEXriDw7jR2OJmvlYsK5e8xjDzcS+IGLCS2GPyEaM=; fh=Cfn9P3XkiI9C41jgPYR2H6APKCCsiAWTzIo3Bvb1Kuw=; b=oa7RGDPHzcKcxoPjSthD+if+jEEPXbZ1sPy1NEBY5b0PbYy3vrWT0Awhg+kgmScdCZ XqLQ9sBMdD5f3e4G5ogBpWpB5hUOw6Ihig0gHSSQ8bqhKAppsWhNBM0tMAiKaJSJVXKH PWtXzQyVqGvXjfsGD1fbe5aNTsU1FMoWe8Gq21dHPhKCuCoyRr5l4a6wYReCNPYOIfSu CLtd42gXVmChzUfpzDnsrtUUP3QgsLcf2UAA4UYr7uDsLT7nYnI2bz2glt0VrdU+nz/3 sh2zvWAICRcdyFZCx32HCIE4cPz3IpeRAsXvER9ggxUOVetabXv4T4scb6sH2+D60AR4 bgKw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=mrzTpio7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from fry.vger.email (fry.vger.email. [23.128.96.38]) by mx.google.com with ESMTPS id d20-20020a056a0024d400b0068ff3a3c9d0si1968394pfv.91.2023.10.17.08.43.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 17 Oct 2023 08:43:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) client-ip=23.128.96.38; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=mrzTpio7; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.38 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 2D3118031D59; Tue, 17 Oct 2023 08:43:22 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1344416AbjJQPnP (ORCPT + 99 others); Tue, 17 Oct 2023 11:43:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39164 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1344345AbjJQPnO (ORCPT ); Tue, 17 Oct 2023 11:43:14 -0400 Received: from mail-yb1-xb4a.google.com (mail-yb1-xb4a.google.com [IPv6:2607:f8b0:4864:20::b4a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9C79DED for ; Tue, 17 Oct 2023 08:43:12 -0700 (PDT) Received: by mail-yb1-xb4a.google.com with SMTP id 3f1490d57ef6-d9a5836ab12so8133338276.2 for ; Tue, 17 Oct 2023 08:43:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1697557392; x=1698162192; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:from:to:cc:subject:date:message-id:reply-to; bh=afIEXriDw7jR2OJmvlYsK5e8xjDzcS+IGLCS2GPyEaM=; b=mrzTpio76QStYgRsezbdWzx3S6MEiwNa7MbZutTB7mbca7K8vxFaL+FaYUWEJNVK6t g5cDfuRnPPO1BRC1u3+vFpdozvXu//2qUr76dH6x7ZYFgyucnIykBlhD1UOFmRCxwIOM SEPJiZIUsJGjJlfX/U7dMlLrd660fKTnsm2NSbgF3QW2GBBhZ9WPzA+lS45vy1jGi5Ml QyUePYtFkHU/pE/zUEweXfHBOxvLnfX85cz7woAa1RnB8DVIZeJrqE2oszW82J70KLs5 oDpoY6YmoTt97YV63GFi1sh2hWf5eMTeuusao4InlN/qylIiRsgvCzdhNlP25aJHmjMx 1lQg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697557392; x=1698162192; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=afIEXriDw7jR2OJmvlYsK5e8xjDzcS+IGLCS2GPyEaM=; b=vH9TVYZ7cT7PSaLOkUgOmkmvVJcPV8mH9bYBYlCOBV5xG/lNFhEaDcWE1ceVAQ1afm dLUupan5663BtcK3criFo+a3xMGZPOtdlmCdJM5oiXrS23VX1dCZj+BCCgCAfVzROUNp xkMNlh77Al4EZPwotXBtDqqwlYtP8wPXJ96hVWrJ35UatMk6IKN6NTxbR1SrS/6y4ak2 2bS3EmigRxgVziCymBMjGx4jw2ziASqah5DBaRUzI4XsWqMKCg0/0KzP/RfqM5rFtZoU Sf5ZTU/Eg7ImHzCMMQc7r5R+pet4nP5pN1CKvHB24vRvUn818ZSUYj66kIBo6h3/p7NH Lwnw== X-Gm-Message-State: AOJu0YxZg+yb7WkdwMQ8MKDIr0AEo6zKq3sDdMbUADKpK+/TEdBYDAoy C9cL72ryPL0Hd8aXTxSjd/nzx26ygzg= X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a25:d885:0:b0:d9a:c27e:5f38 with SMTP id p127-20020a25d885000000b00d9ac27e5f38mr49168ybg.12.1697557391852; Tue, 17 Oct 2023 08:43:11 -0700 (PDT) Date: Tue, 17 Oct 2023 08:43:10 -0700 In-Reply-To: Mime-Version: 1.0 References: <06142144151da06772a9f0cc195a3c8ffcbc07b7.camel@intel.com> <1f7a740f3acff8a04ec95be39864fb3e32d2d96c.camel@intel.com> <631f34613bcc8b5aa41cf519fa9d76bcd57a7650.camel@intel.com> Message-ID: Subject: Re: [PATCH v5 12/18] x86/sgx: Add EPC OOM path to forcefully reclaim EPC From: Sean Christopherson To: Haitao Huang Cc: Kai Huang , Bo Zhang , "linux-sgx@vger.kernel.org" , "cgroups@vger.kernel.org" , "yangjie@microsoft.com" , "dave.hansen@linux.intel.com" , Zhiquan1 Li , "linux-kernel@vger.kernel.org" , "mingo@redhat.com" , "tglx@linutronix.de" , "tj@kernel.org" , "anakrish@microsoft.com" , "jarkko@kernel.org" , "hpa@zytor.com" , "mikko.ylinen@linux.intel.com" , Sohil Mehta , "bp@alien8.de" , "x86@kernel.org" , "kristen@linux.intel.com" Content-Type: text/plain; charset="us-ascii" X-Spam-Status: No, score=-8.4 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_IN_DEF_DKIM_WL autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Tue, 17 Oct 2023 08:43:22 -0700 (PDT) On Mon, Oct 16, 2023, Haitao Huang wrote: > Hi Sean > > On Mon, 16 Oct 2023 16:32:31 -0500, Sean Christopherson > wrote: > > > On Mon, Oct 16, 2023, Haitao Huang wrote: > > > From this perspective, I think the current implementation is > > > "well-defined": > > > EPC cgroup limits for VMs are only enforced at VM launch time, not > > > runtime. In practice, SGX VM can be launched only with fixed EPC size > > > and all those EPCs are fully committed to the VM once launched. > > > > Fully committed doesn't mean those numbers are reflected in the cgroup. A > > VM scheduler can easily "commit" EPC to a guest, but allocate EPC on > > demand, i.e. when the guest attempts to actually access a page. > > Preallocating memory isn't free, e.g. it can slow down guest boot, so it's > > entirely reasonable to have virtual EPC be allocated on-demand. Enforcing > > at launch time doesn't work for such setups, because from the cgroup's > > perspective, the VM is using 0 pages of EPC at launch. > > > Maybe I understood the current implementation wrong. From what I see, vEPC > is impossible not fully commit at launch time. The guest would EREMOVE all > pages during initialization resulting #PF and all pages allocated. This > essentially makes "prealloc=off" the same as "prealloc=on". > Unless you are talking about some custom OS or kernel other than upstream > Linux here? Yes, a customer could be running an older kernel, something other than Linux, a custom kernel, an out-of-tree SGX driver, etc. The host should never assume anything about the guest kernel when it comes to correctness (unless the guest kernel is controlled by the host). Doing EREMOVE on all pages is definitely not mandatory, especially if the kernel detects a hypervisor, i.e. knows its running as a guest.