[PATCH v33 11/21] x86/sgx: Linux Enclave Driver
Borislav Petkov
bp at alien8.de
Tue Oct 27 15:37:27 UTC 2020
On Tue, Oct 27, 2020 at 08:20:00AM -0700, Dave Hansen wrote:
> I can't think of a *lot* of spots where we have sanity checks like this
> for memory. We have cgroups and the overcommit limits. But, in
> general, folks can allocate as much memory as they want until
> allocations start to fail.
>
> Should SGX be any different?
>
> If we had a sanity check that said, "you can only allocate 1/2 of
> enclave memory", wouldn't that just make somebody mad because they want
> one big enclave?
>
> Or, do you just want a sanity check to see if, up front, the user is
> asking for more enclave memory than there is on the *whole* system?
> That's also sane, but it doesn't take overcommit into account. That's
> why, for instance, we have vm.overcommit_ratio for normal memory.
Yeah, you're making sense and there's really no need for SGX to be any
different. Especially since users are already familiar the "policy" of
failing allocations when too much memory requested. :-)
> BTW, I think we all agree that a cgroup controller for enclave memory is
> going to be needed eventually.
Right.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
More information about the Linux-security-module-archive
mailing list