Re: [PATCH 1/2] x86/sgx: Add accounting for tracking overcommit

From: Borislav Petkov
Date: Mon Dec 20 2021 - 17:48:25 EST

Next message: kernel test robot: "[chao:feature/dax 5/9] fs/f2fs/data.c:4178:16: error: implicit declaration of function 'dax_writeback_mapping_range'"
Previous message: Rajat Jain: "[PATCH v3 3/3] drm/privacy_screen_x86: Add entry for ChromeOS privacy-screen"
In reply to: Kristen Carlson Accardi: "Re: [PATCH 1/2] x86/sgx: Add accounting for tracking overcommit"
Next in thread: Dave Hansen: "Re: [PATCH 1/2] x86/sgx: Add accounting for tracking overcommit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Dec 20, 2021 at 01:35:03PM -0800, Kristen Carlson Accardi wrote:
> So, in your proposal you would first change the calculated number of
> maximum available backing pages to be based on total system RAM rather
> than EPC memory, got it.

This was just an example. My point is to try to make it automatic and
not introduce another knob. And to decide on the limits and behavior
by using common sense and addressing the common use cases first.

> This would require recalculating the max number of allowed backing
> pages per enclave at run time whenever a new enclave is loaded - but
> all the existing enclaves may have already used more than the new max
> number of per-enclave allowable pages. How would you handle that
> scenario? This would add a lot of complexity for sure - and it does
> make me wonder whether any additional benefit of limiting per enclave
> would be worth it.

See above - this was just an example. And as you've shown, an example of
what *not* to do.

> Thanks for your more detailed explanation - I will take a look at the
> VM overcommit limits. Since obviously the original implementation did
> have a default value set, I had still a remaining specific question
> about your comments. Are you suggesting that there should not be a way
> to override any overcommit limit at all? So drop the parameter all
> together?

So let me ask you a counter-question:

Imagine you're a sysadmin. Or a general, common system user if there
ever is one.

When your system starts thrashing and you're running a bunch of
enclaves, how do you find out there even is a knob which might
potentially help you?

And after you find it, how would you use that knob?

Or would you rather prefer that the system did the right thing for you
instead of having to figure out what the sensible values for that knob
would be?

My point is: put yourself in the user's shoes and try to think about
what would be the optimal thing the system should do.

Once that is cleanly and properly defined, then we can deal with knobs
and policies etc.

I sincerely hope that makes more sense.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: kernel test robot: "[chao:feature/dax 5/9] fs/f2fs/data.c:4178:16: error: implicit declaration of function 'dax_writeback_mapping_range'"
Previous message: Rajat Jain: "[PATCH v3 3/3] drm/privacy_screen_x86: Add entry for ChromeOS privacy-screen"
In reply to: Kristen Carlson Accardi: "Re: [PATCH 1/2] x86/sgx: Add accounting for tracking overcommit"
Next in thread: Dave Hansen: "Re: [PATCH 1/2] x86/sgx: Add accounting for tracking overcommit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]