On Tue, Sep 12, 2023 at 09:06:17PM -0700, Haitao Huang wrote: > SGX EPC memory allocations are separate from normal RAM allocations, and > are managed solely by the SGX subsystem. The existing cgroup memory > controller cannot be used to limit or account for SGX EPC memory, which is > a desirable feature in some environments, e.g., support for pod level > control in a Kubernates cluster on a VM or baremetal host [1,2]. > > This patchset implements the support for sgx_epc memory within the misc > cgroup controller. The user can use the misc cgroup controller to set and > enforce a max limit on total EPC usage per cgroup. The implementation > reports current usage and events of reaching the limit per cgroup as well > as the total system capacity.
Minor nit aside, it looks fine from cgroup side. Thanks. -- tejun
