Received: by 2002:a05:7412:d8a:b0:e2:908c:2ebd with SMTP id b10csp3353044rdg; Tue, 17 Oct 2023 11:54:58 -0700 (PDT) X-Google-Smtp-Source: AGHT+IFO6P6vCoH8b9HGWqSOzo/GElbJ0Bt40HKRZtx6m5wMh+yLabjqXkk+uyKF3EAX3vkdi3BZ X-Received: by 2002:a05:6830:901:b0:6c0:f451:ab6a with SMTP id v1-20020a056830090100b006c0f451ab6amr3684538ott.8.1697568898325; Tue, 17 Oct 2023 11:54:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1697568898; cv=none; d=google.com; s=arc-20160816; b=L1c4Y7v1SFJs8KwyDmJKXc2E4c+LRxTGQbl3LuvWgu3fqEEu76+MK5ZEAMvEiGWZqN lmOT6QR8O2szyNi9zHVOhRml4vH/9wrrJ9m9aOyWiNABJuqTNI8hANeVKEVZ+z7SZOxP M7o00tqcb0duMDSPyXMAKD5dtExCbiWIfLhfxF/PCkJrHmj+32wzN73D9aT4Y+bIK7OY 4QytKY99FFCtvk2P/B7xLP4ZKm8cUbBkhY6nTdDEhACY2nIH1lDJsIBKjzMUY+8rcLns h7zN5eNveAuP4sX4vyO6SXuw4Jpy1qPf/dgal9sMgSmiDdCXxCp/26YYGT5XA7/LbJ0g eAFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=WV8+QfL+W0GjUUx4DVAHsFccb/fwVlTGl0IqfxdfoSI=; fh=Be9KPvkMAM+A9usWJ9TVgQQp4CpAtPE3YGl+6SBn1nE=; b=lUQ5kcMjfbIiLaZlOkn/Q0zg8CBicJHwioW19IXF+0boSCMtpgTLBon11WcTF4tHaq yg968tj7E1+T2LLr6aBB0GDC+OfBRCgQQ7zKF1/zD33KZVJKIucVGjU6FkjQQDwCzdvB /UIttnufsfzKSzF2djAogDJaXXeVgeOQCiEJucoDHq4GfGxV6aagEhyYQi6JUPDhfs8N SWMVIQr6GgKEF71v7DDK7W5LSxeMctjxk3MRXbuVtMUPMeClnOeV9J7N1ki4xQyRmJ/2 lTMGud3oURxGqwlj3+QLoxLR2qX9fa9XfI5gzXsOMJVMxZ7jaohbRUR97DEaBAxrcYxF gvRw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=hLnG6JFP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id z16-20020a656650000000b0059b71fb147dsi335480pgv.264.2023.10.17.11.54.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 17 Oct 2023 11:54:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=hLnG6JFP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 0A1E980ECF17; Tue, 17 Oct 2023 11:54:57 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1343606AbjJQSyw (ORCPT + 99 others); Tue, 17 Oct 2023 14:54:52 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53582 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232228AbjJQSyv (ORCPT ); Tue, 17 Oct 2023 14:54:51 -0400 Received: from smtp-out1.suse.de (smtp-out1.suse.de [IPv6:2001:67c:2178:6::1c]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C3EC8C6; Tue, 17 Oct 2023 11:54:49 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 0881421CFC; Tue, 17 Oct 2023 18:54:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1697568888; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=WV8+QfL+W0GjUUx4DVAHsFccb/fwVlTGl0IqfxdfoSI=; b=hLnG6JFP3CdGIUwngJLGTg1Pjd+QkNnRPjs0lMTnDR4yiNmTTwaFJrGgiaiyQNDd+27Qk1 MhoccU3MgS2tABD7xx+ADwcnn25XXp4MRS5pptOW6luVxMfvx8ob50SVQHOaiM0KDb1r2b qhTrQ9Kg8OlKfpwVZg9X2sGHNiJfg9M= Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id AB4C913584; Tue, 17 Oct 2023 18:54:47 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id lHYZKXfYLmWmIgAAMHmgww (envelope-from ); Tue, 17 Oct 2023 18:54:47 +0000 Date: Tue, 17 Oct 2023 20:54:46 +0200 From: Michal =?utf-8?Q?Koutn=C3=BD?= To: Haitao Huang Cc: "Christopherson,, Sean" , "Huang, Kai" , "Zhang, Bo" , "linux-sgx@vger.kernel.org" , "cgroups@vger.kernel.org" , "yangjie@microsoft.com" , "dave.hansen@linux.intel.com" , "Li, Zhiquan1" , "linux-kernel@vger.kernel.org" , "mingo@redhat.com" , "tglx@linutronix.de" , "tj@kernel.org" , "anakrish@microsoft.com" , "jarkko@kernel.org" , "hpa@zytor.com" , "mikko.ylinen@linux.intel.com" , "Mehta, Sohil" , "bp@alien8.de" , "x86@kernel.org" , "kristen@linux.intel.com" Subject: Re: [PATCH v5 12/18] x86/sgx: Add EPC OOM path to forcefully reclaim EPC Message-ID: <6lrq4xmk42zteq6thpyah7jy25rmvkp7mqxtll6sl7z62m7n4m@vrbbedtgxeq4> References: <1f7a740f3acff8a04ec95be39864fb3e32d2d96c.camel@intel.com> <631f34613bcc8b5aa41cf519fa9d76bcd57a7650.camel@intel.com> <35a7fde056037a40b3b4b170e2ecd45bf8c4ba9f.camel@intel.com> <915907d56861ef4aa7f9f68e0eb8d136a60bee39.camel@intel.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="d2qvdlt5oh6ne5ty" Content-Disposition: inline In-Reply-To: Authentication-Results: smtp-out1.suse.de; none X-Spam-Level: X-Spam-Score: -12.70 X-Spamd-Result: default: False [-12.70 / 50.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-3.00)[-1.000]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; REPLY(-4.00)[]; DKIM_SIGNED(0.00)[suse.com:s=susede1]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWELVE(0.00)[21]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Tue, 17 Oct 2023 11:54:57 -0700 (PDT) --d2qvdlt5oh6ne5ty Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello Haitao. On Tue, Oct 17, 2023 at 07:58:02AM -0500, Haitao Huang wrote: > AFAIK, before we introducing max_write() callback in this series, no misc > controller would possibly enforce the limit when misc.max is reduced. e.g. I > don't think CVMs be killed when ASID limit is reduced and the cgroup was > full before limit is reduced. Yes, misccontroller was meant to be simple, current >= max serves to prevent new allocations. FTR, at some point in time memory.max was considered for reclaim control of regular pages but it turned out to be too coarse (and OOM killing processes if amount was not sensed correctly) and this eventually evolved into specific mechanism of memory.reclaim. So I'm mentioning this should that be an interface with better semantic for your use case (and misc.max writes can remain non-preemptive). One more note -- I was quite confused when I read in the rest of the series about OOM and _kill_ing but then I found no such measure in the code implementation. So I would suggest two terminological changes: - the basic premise of the series (00/18) is that EPC pages are a different resource than memory, hence choose a better suiting name than OOM (out of memory) condition, - killing -- (unless you have an intention to implement process termination later) My current interpretation that it is rather some aggressive unmapping within address space, so less confusing name for that would be "reclaim". > I think EPC pages to VMs could have the same behavior, once they are given > to a guest, never taken back by the host. For enclaves on host side, pages > are reclaimable, that allows us to enforce in a similar way to memcg. Is this distinction between preemptability of EPC pages mandated by the HW implementation? (host/"process" enclaves vs VM enclaves) Or do have users an option to lock certain pages in memory that yields this difference? Regards, Michal --d2qvdlt5oh6ne5ty Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEABYKAB0WIQQpEWyjXuwGT2dDBqAGvrMr/1gcjgUCZS7YdAAKCRAGvrMr/1gc jpc5AP9tTv+0BiQvCbDojRuouQdurDiPml67Obr1FdJ6Jqfb1AEAvxfWBD/03b86 jE2isDspp+sfjhBkmc8tAl7umLlKJwc= =3VCm -----END PGP SIGNATURE----- --d2qvdlt5oh6ne5ty--