Re: [PATCH v2 17/18] x86/sgx: Add support for misc cgroup controller

From: Jarkko Sakkinen
Date: Thu Dec 08 2022 - 10:31:15 EST

Next message: Tom Lendacky: "[PATCH v6 5/5] x86/sev: Add SNP-specific unaccepted memory support"
Previous message: Tom Lendacky: "[PATCH v6 4/5] x86/sev: Use large PSC requests if applicable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Perhaps "x86/sgx: Limit process EPC usage with misc cgroup controller"?

Or something more to the point than "add support".

On Fri, Dec 02, 2022 at 10:36:53AM -0800, Kristen Carlson Accardi wrote:

> /**
> - * sgx_reclaim_epc_pages() - Reclaim EPC pages from the consumers
> + * __sgx_reclaim_epc_pages() - Reclaim EPC pages from the consumers
> * @nr_to_scan: Number of EPC pages to scan for reclaim
> * @ignore_age: Reclaim a page even if it is young
> + * @epc_cg: EPC cgroup from which to reclaim
> *
> * Take a fixed number of pages from the head of the active page pool and
> * reclaim them to the enclave's private shmem files. Skip the pages, which have
> @@ -336,7 +350,8 @@ void sgx_isolate_epc_pages(struct sgx_epc_lru_lists *lru, int *nr_to_scan,
> * problematic as it would increase the lock contention too much, which would
> * halt forward progress.
> */
> -static int __sgx_reclaim_pages(int nr_to_scan, bool ignore_age)
> +static int __sgx_reclaim_epc_pages(int nr_to_scan, bool ignore_age,
> + struct sgx_epc_cgroup *epc_cg)
> {
> struct sgx_backing backing[SGX_MAX_NR_TO_RECLAIM];
> struct sgx_epc_page *epc_page, *tmp;
> @@ -347,7 +362,15 @@ static int __sgx_reclaim_pages(int nr_to_scan, bool ignore_age)
> int i = 0;
> int ret;
>
> - sgx_isolate_epc_pages(&sgx_global_lru, &nr_to_scan, &iso);
> + /*
> + * If a specific cgroup is not being targetted, take from the global
> + * list first, even when cgroups are enabled. If there are
> + * pages on the global LRU then they should get reclaimed asap.
> + */
> + if (!IS_ENABLED(CONFIG_CGROUP_SGX_EPC) || !epc_cg)
> + sgx_isolate_epc_pages(&sgx_global_lru, &nr_to_scan, &iso);
> +
> + sgx_epc_cgroup_isolate_pages(epc_cg, &nr_to_scan, &iso);
>
> if (list_empty(&iso))
> return 0;
> @@ -397,25 +420,33 @@ static int __sgx_reclaim_pages(int nr_to_scan, bool ignore_age)
> SGX_EPC_PAGE_ENCLAVE |
> SGX_EPC_PAGE_VERSION_ARRAY);
>
> + if (epc_page->epc_cg) {
> + sgx_epc_cgroup_uncharge(epc_page->epc_cg);
> + epc_page->epc_cg = NULL;
> + }
> +
> sgx_free_epc_page(epc_page);
> }
> return i;
> }

I would consider changes to sgx_reclaim_epc_pages() as a separate patch,
perhaps squashing with the patch that does the export. And generally
separate from this patch all internal arch/x86/kernel/cpu/sgx changes,
and leave only cgroup bindings.

BR, Jarkko

Next message: Tom Lendacky: "[PATCH v6 5/5] x86/sev: Add SNP-specific unaccepted memory support"
Previous message: Tom Lendacky: "[PATCH v6 4/5] x86/sev: Use large PSC requests if applicable"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]