Re: [PATCH v2 1/2] x86/sgx: Add accounting for tracking overcommit

[Haitao Huang]

On Fri, 07 Jan 2022 13:16:12 -0600, Kristen Carlson Accardi  
<kristen@xxxxxxxxxxxxxxx> wrote:

> On Fri, 2022-01-07 at 10:46 -0800, Dave Hansen wrote:
> > On 1/7/22 10:16, Kristen Carlson Accardi wrote:
> > > The overcommit percentage value is 150, which limits the total
> > > number of
> > > shared memory pages that may be consumed by all enclaves as backing
> > > pages
> > > to 1.5X of EPC pages on the system.
> >
> > Hi Kristen,
> >
> > Could you give some background on how this value was chosen and how
> > it
> > might impact userspace?
>
> Yes,
> The value of 1.5x the number of EPC pages was chosen because it will
> handle the most common case of a few enclaves that don't need much
> overcommit without any impact to user space. In the less commone case
> where there are many enclaves or a few large enclaves which need a lot
> of overcommit due to large EPC memory requirements, the reclaimer may
> fail to allocate a backing page for swapping if the limit has been
> reached. In this case the page will not be able to be reclaimed and the
> system will not be able to allocate any new EPC pages. Any ioctl or
> call to add new EPC pages will get -ENOMEM, so for example, new
> enclaves will fail to load, and new EPC pages will not be able to be
> added.
>
> Does that make sense?

If the system has a ton of RAM but limited EPC, I think it makes sense to  
allow more EPC swapping, can we do min(0.5*RAM, 2*EPC)?
I suppose if the system is used for heavy enclave load, user would be  
willing to at least use half of RAM.

Thanks
Haitao