Re: [RFC PATCH 00/20] Add Cgroup support for SGX EPC memory
From: Dave Hansen
Date: Thu Sep 22 2022 - 17:04:07 EST
On 9/22/22 12:08, Tejun Heo wrote:
> Can you please give more concrete examples? I'd love to hear how the SGX EPC
> memory is typically used in what amounts and what's the performance
> implications when they get reclaimed and so on. ie. Please describe a
> realistic usage scenario of contention with sufficient details on how the
> system is set up, what the applications are using the SGX EPC memory for and
> how much, how the contention on memory affects the users and so on.
One wrinkle is that the apps that use SGX EPC memory are *normal* apps.
There are frameworks that some folks are very excited about that allow
you to run mostly unmodified app stacks inside SGX. For example:
https://github.com/gramineproject/graphene
In fact, Gramine users are the troublesome ones for overcommit. Most
explicitly-written SGX applications are quite austere in their SGX
memory use; they're probably never going to see overcommit. These
Gramine-wrapped apps are (relative) pigs. They've been the ones finding
bugs in the existing SGX overcommit code.
So, where does all the SGX memory go? It's the usual suspects:
memcached and redis. ;)