| Message ID | 20210116023204.670834-3-vipinsh@google.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | cgroup: KVM: New Encryption IDs cgroup controller | expand |
On 1/15/21 6:32 PM, Vipin Sharma wrote: > Documentation of Encryption IDs controller. This new controller is used > to track and limit usage of hardware memory encryption capabilities on > the CPUs. > > Signed-off-by: Vipin Sharma <vipinsh@google.com> > Reviewed-by: David Rientjes <rientjes@google.com> > Reviewed-by: Dionna Glaze <dionnaglaze@google.com> > --- > .../admin-guide/cgroup-v1/encryption_ids.rst | 1 + > Documentation/admin-guide/cgroup-v2.rst | 78 ++++++++++++++++++- > 2 files changed, 77 insertions(+), 2 deletions(-) > create mode 100644 Documentation/admin-guide/cgroup-v1/encryption_ids.rst > > diff --git a/Documentation/admin-guide/cgroup-v1/encryption_ids.rst b/Documentation/admin-guide/cgroup-v1/encryption_ids.rst > new file mode 100644 > index 000000000000..8e9e9311daeb > --- /dev/null > +++ b/Documentation/admin-guide/cgroup-v1/encryption_ids.rst > @@ -0,0 +1 @@ > +/Documentation/admin-guide/cgroup-v2.rst > diff --git a/Documentation/admin-guide/cgroup-v2.rst b/Documentation/admin-guide/cgroup-v2.rst > index 63521cd36ce5..72993571de2e 100644 > --- a/Documentation/admin-guide/cgroup-v2.rst > +++ b/Documentation/admin-guide/cgroup-v2.rst > @@ -63,8 +63,11 @@ v1 is available under :ref:`Documentation/admin-guide/cgroup-v1/index.rst <cgrou > 5-7-1. RDMA Interface Files > 5-8. HugeTLB > 5.8-1. HugeTLB Interface Files > - 5-8. Misc > - 5-8-1. perf_event > + 5-9. Encryption IDs > + 5.9-1 Encryption IDs Interface Files > + 5.9-2 Migration and Ownership > + 5-10. Misc > + 5-10-1. perf_event > 5-N. Non-normative information > 5-N-1. CPU controller root cgroup process behaviour > 5-N-2. IO controller root cgroup process behaviour > @@ -2160,6 +2163,77 @@ HugeTLB Interface Files > are local to the cgroup i.e. not hierarchical. The file modified event > generated on this file reflects only the local events. > > +Encryption IDs > +-------------- > + > +There are multiple hardware memory encryption capabilities provided by the > +hardware vendors, like Secure Encrypted Virtualization (SEV) and SEV Encrypted > +State (SEV-ES) from AMD. > + > +These features are being used in encrypting virtual machines (VMs) and user > +space programs. However, only a small number of keys/IDs can be used > +simultaneously. > + > +This limited availability of these IDs requires system admin to optimize admins > +allocation, control, and track the usage of the resources in the cloud > +infrastructure. This resource also needs to be protected from getting exhausted > +by some malicious program and causing starvation for other programs. > + > +Encryption IDs controller provides capability to register the resource for The Encryption IDs controller provides the capability to register the resource for > +controlling and tracking through the cgroups. through cgroups. > + > +Encryption IDs Interface Files > +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > + > +Each encryption ID type have their own interface files, has its own > +encids.[ID TYPE].{max, current, stat}, where "ID TYPE" can be sev and or > +sev-es. > + > + encids.[ID TYPE].stat > + A read-only flat-keyed single value file. This file exists only in the > + root cgroup. > + > + It shows the total number of encryption IDs available and currently in > + use on the platform:: > + # cat encids.sev.stat > + total 509 > + used 0 This is described above as a single-value file... Is the max value a hardware limit or a software (flexible) limit? > + > + encids.[ID TYPE].max > + A read-write file which exists on the non-root cgroups. File is used to > + set maximum count of "[ID TYPE]" which can be used in the cgroup. > + > + Limit can be set to max by:: > + # echo max > encids.sev.max > + > + Limit can be set by:: > + # echo 100 > encids.sev.max > + > + This file shows the max limit of the encryption ID in the cgroup:: > + # cat encids.sev.max > + max > + > + OR:: > + # cat encids.sev.max > + 100 > + > + Limits can be set more than the "total" capacity value in the > + encids.[ID TYPE].stat file, however, the controller ensures > + that the usage never exceeds the "total" and the max limit. > + > + encids.[ID TYPE].current > + A read-only single value file which exists on non-root cgroups. > + > + Shows the total number of encrypted IDs being used in the cgroup. > + > +Migration and Ownership > +~~~~~~~~~~~~~~~~~~~~~~~ > + > +An encryption ID is charged to the cgroup in which it is used first, and > +stays charged to that cgroup until that ID is freed. Migrating a process > +to a different cgroup do not move the charge to the destination cgroup does > +where the process has moved. > + > Misc > ---- > >
On Mon, Jan 18, 2021 at 9:55 AM Randy Dunlap <rdunlap@infradead.org> wrote: > > On 1/15/21 6:32 PM, Vipin Sharma wrote: > > Documentation of Encryption IDs controller. This new controller is used > > to track and limit usage of hardware memory encryption capabilities on > > the CPUs. > > > > Signed-off-by: Vipin Sharma <vipinsh@google.com> > > Reviewed-by: David Rientjes <rientjes@google.com> > > Reviewed-by: Dionna Glaze <dionnaglaze@google.com> > > --- > > .../admin-guide/cgroup-v1/encryption_ids.rst | 1 + > > Documentation/admin-guide/cgroup-v2.rst | 78 ++++++++++++++++++- > > 2 files changed, 77 insertions(+), 2 deletions(-) > > create mode 100644 Documentation/admin-guide/cgroup-v1/encryption_ids.rst > > > > diff --git a/Documentation/admin-guide/cgroup-v1/encryption_ids.rst b/Documentation/admin-guide/cgroup-v1/encryption_ids.rst > > new file mode 100644 > > index 000000000000..8e9e9311daeb > > --- /dev/null > > +++ b/Documentation/admin-guide/cgroup-v1/encryption_ids.rst > > @@ -0,0 +1 @@ > > +/Documentation/admin-guide/cgroup-v2.rst > > diff --git a/Documentation/admin-guide/cgroup-v2.rst b/Documentation/admin-guide/cgroup-v2.rst > > index 63521cd36ce5..72993571de2e 100644 > > --- a/Documentation/admin-guide/cgroup-v2.rst > > +++ b/Documentation/admin-guide/cgroup-v2.rst > > @@ -63,8 +63,11 @@ v1 is available under :ref:`Documentation/admin-guide/cgroup-v1/index.rst <cgrou > > 5-7-1. RDMA Interface Files > > 5-8. HugeTLB > > 5.8-1. HugeTLB Interface Files > > - 5-8. Misc > > - 5-8-1. perf_event > > + 5-9. Encryption IDs > > + 5.9-1 Encryption IDs Interface Files > > + 5.9-2 Migration and Ownership > > + 5-10. Misc > > + 5-10-1. perf_event > > 5-N. Non-normative information > > 5-N-1. CPU controller root cgroup process behaviour > > 5-N-2. IO controller root cgroup process behaviour > > @@ -2160,6 +2163,77 @@ HugeTLB Interface Files > > are local to the cgroup i.e. not hierarchical. The file modified event > > generated on this file reflects only the local events. > > > > +Encryption IDs > > +-------------- > > + > > +There are multiple hardware memory encryption capabilities provided by the > > +hardware vendors, like Secure Encrypted Virtualization (SEV) and SEV Encrypted > > +State (SEV-ES) from AMD. > > + > > +These features are being used in encrypting virtual machines (VMs) and user > > +space programs. However, only a small number of keys/IDs can be used > > +simultaneously. > > + > > +This limited availability of these IDs requires system admin to optimize > > admins > > > +allocation, control, and track the usage of the resources in the cloud > > +infrastructure. This resource also needs to be protected from getting exhausted > > +by some malicious program and causing starvation for other programs. > > + > > +Encryption IDs controller provides capability to register the resource for > > The Encryption IDs controller provides the capability to register the resource for > > > +controlling and tracking through the cgroups. > > through cgroups. > > > + > > +Encryption IDs Interface Files > > +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > + > > +Each encryption ID type have their own interface files, > > has its own > > > +encids.[ID TYPE].{max, current, stat}, where "ID TYPE" can be sev and > > or > > > +sev-es. > > + > > + encids.[ID TYPE].stat > > + A read-only flat-keyed single value file. This file exists only in the > > + root cgroup. > > + > > + It shows the total number of encryption IDs available and currently in > > + use on the platform:: > > + # cat encids.sev.stat > > + total 509 > > + used 0 > > This is described above as a single-value file... > > Is the max value a hardware limit or a software (flexible) limit? > > > > + > > + encids.[ID TYPE].max > > + A read-write file which exists on the non-root cgroups. File is used to > > + set maximum count of "[ID TYPE]" which can be used in the cgroup. > > + > > + Limit can be set to max by:: > > + # echo max > encids.sev.max > > + > > + Limit can be set by:: > > + # echo 100 > encids.sev.max > > + > > + This file shows the max limit of the encryption ID in the cgroup:: > > + # cat encids.sev.max > > + max > > + > > + OR:: > > + # cat encids.sev.max > > + 100 > > + > > + Limits can be set more than the "total" capacity value in the > > + encids.[ID TYPE].stat file, however, the controller ensures > > + that the usage never exceeds the "total" and the max limit. > > + > > + encids.[ID TYPE].current > > + A read-only single value file which exists on non-root cgroups. > > + > > + Shows the total number of encrypted IDs being used in the cgroup. > > + > > +Migration and Ownership > > +~~~~~~~~~~~~~~~~~~~~~~~ > > + > > +An encryption ID is charged to the cgroup in which it is used first, and > > +stays charged to that cgroup until that ID is freed. Migrating a process > > +to a different cgroup do not move the charge to the destination cgroup > > does > > > +where the process has moved. > > + > > Misc > > ---- > > > > > > > -- > ~Randy > You can't do anything without having to do something else first. > -- Belefant's Law Thank you, I will fix them in the next patch.
diff --git a/Documentation/admin-guide/cgroup-v1/encryption_ids.rst b/Documentation/admin-guide/cgroup-v1/encryption_ids.rst new file mode 100644 index 000000000000..8e9e9311daeb --- /dev/null +++ b/Documentation/admin-guide/cgroup-v1/encryption_ids.rst @@ -0,0 +1 @@ +/Documentation/admin-guide/cgroup-v2.rst diff --git a/Documentation/admin-guide/cgroup-v2.rst b/Documentation/admin-guide/cgroup-v2.rst index 63521cd36ce5..72993571de2e 100644 --- a/Documentation/admin-guide/cgroup-v2.rst +++ b/Documentation/admin-guide/cgroup-v2.rst @@ -63,8 +63,11 @@ v1 is available under :ref:`Documentation/admin-guide/cgroup-v1/index.rst <cgrou 5-7-1. RDMA Interface Files 5-8. HugeTLB 5.8-1. HugeTLB Interface Files - 5-8. Misc - 5-8-1. perf_event + 5-9. Encryption IDs + 5.9-1 Encryption IDs Interface Files + 5.9-2 Migration and Ownership + 5-10. Misc + 5-10-1. perf_event 5-N. Non-normative information 5-N-1. CPU controller root cgroup process behaviour 5-N-2. IO controller root cgroup process behaviour @@ -2160,6 +2163,77 @@ HugeTLB Interface Files are local to the cgroup i.e. not hierarchical. The file modified event generated on this file reflects only the local events. +Encryption IDs +-------------- + +There are multiple hardware memory encryption capabilities provided by the +hardware vendors, like Secure Encrypted Virtualization (SEV) and SEV Encrypted +State (SEV-ES) from AMD. + +These features are being used in encrypting virtual machines (VMs) and user +space programs. However, only a small number of keys/IDs can be used +simultaneously. + +This limited availability of these IDs requires system admin to optimize +allocation, control, and track the usage of the resources in the cloud +infrastructure. This resource also needs to be protected from getting exhausted +by some malicious program and causing starvation for other programs. + +Encryption IDs controller provides capability to register the resource for +controlling and tracking through the cgroups. + +Encryption IDs Interface Files +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Each encryption ID type have their own interface files, +encids.[ID TYPE].{max, current, stat}, where "ID TYPE" can be sev and +sev-es. + + encids.[ID TYPE].stat + A read-only flat-keyed single value file. This file exists only in the + root cgroup. + + It shows the total number of encryption IDs available and currently in + use on the platform:: + # cat encids.sev.stat + total 509 + used 0 + + encids.[ID TYPE].max + A read-write file which exists on the non-root cgroups. File is used to + set maximum count of "[ID TYPE]" which can be used in the cgroup. + + Limit can be set to max by:: + # echo max > encids.sev.max + + Limit can be set by:: + # echo 100 > encids.sev.max + + This file shows the max limit of the encryption ID in the cgroup:: + # cat encids.sev.max + max + + OR:: + # cat encids.sev.max + 100 + + Limits can be set more than the "total" capacity value in the + encids.[ID TYPE].stat file, however, the controller ensures + that the usage never exceeds the "total" and the max limit. + + encids.[ID TYPE].current + A read-only single value file which exists on non-root cgroups. + + Shows the total number of encrypted IDs being used in the cgroup. + +Migration and Ownership +~~~~~~~~~~~~~~~~~~~~~~~ + +An encryption ID is charged to the cgroup in which it is used first, and +stays charged to that cgroup until that ID is freed. Migrating a process +to a different cgroup do not move the charge to the destination cgroup +where the process has moved. + Misc ----