Jarkko Sakkinen
Posts
4544Following
316Followers
476OpenPGP: 3AB05486C7752FE1
@ljs I'd actually claim that the driver is as good as it gets in this area. It has been turned over many times by me, Sean and Dave Hansen. The way things are done is also result of 2,5 years upstreaming period so it is pretty well screened code base, and I can say by large audience of the senior maintainers. https://www.phoronix.com/news/Intel-SGX-Linux-5.11
But It's Sunday and workaround of doing your own fake mm is not as bad as it sounds. You have code that basically draws a picture of how VMA layout should look like and then does optimal set of mmaps based on that :-) Once it is in run-time nobody cares.
I'm just merely interested when something related to merges comes up "could we still improve".
I.e. I merge by:
1. Close all VMA's.
2. Map new VMA's.
The shim tracks every mmap(), mprotected() etc. syscall and updates the database accordingly.
But It's Sunday and workaround of doing your own fake mm is not as bad as it sounds. You have code that basically draws a picture of how VMA layout should look like and then does optimal set of mmaps based on that :-) Once it is in run-time nobody cares.
I'm just merely interested when something related to merges comes up "could we still improve".
I.e. I merge by:
1. Close all VMA's.
2. Map new VMA's.
The shim tracks every mmap(), mprotected() etc. syscall and updates the database accordingly.
1
0
0
@ljs Not expecting you to fix this but this like the how the problem is scoped:
1. You have special memory without backing page structures.
2. The special memory can host executables executed by the CPU.
With those constraints there's no really other way I'm aware of than PFNMAP. Or perhaps there is better way to map the memory that I'm not just aware of? Have not really looked into the issue since 2022 :-)
1. You have special memory without backing page structures.
2. The special memory can host executables executed by the CPU.
With those constraints there's no really other way I'm aware of than PFNMAP. Or perhaps there is better way to map the memory that I'm not just aware of? Have not really looked into the issue since 2022 :-)
1
0
0
@ljs If there would be something that kernel could provide some day to enable merges in such corner that'd be great but it is not a total show stopper issue. We get shit work without kernel doing merges too by redoing it in user space and it is not that hard. But anyway something to think about ;-)
1
0
0
@ljs I think I worked this around in run time by closing old mmap and creating a completely new one, i.e. I literally implemented VMA merge in user space to workaround the kernel issue in https://github.com/enarx/enarx.
I even maintained my own database of memory spans with access rights etc because kernel does not merge properly :-) You cannot implement merge without having full picture of the mapped spans and their access rights. I.e. I merge in my database and then turn that into mmap() calls.
I even maintained my own database of memory spans with access rights etc because kernel does not merge properly :-) You cannot implement merge without having full picture of the mapped spans and their access rights. I.e. I merge in my database and then turn that into mmap() calls.
1
0
0
@ljs OK then it is still existing performance issue in the SGX driver. Sean (Christopherson) removed the close callback when I was working with him on the driver to enable merges but to this day it is using PFNMAP for mapping.
So once the program is running for some time inside enclave the memory map might look like something like:
https://lore.kernel.org/linux-sgx/c148ab48-1b70-6e20-5742-b0b2dc014dc3@intel.com/
It's a corner case where the current software abstraction does not map properly the physical reality (given that for enclave memory merge would be fine even tho we need to access it with PFNMAP).
So once the program is running for some time inside enclave the memory map might look like something like:
https://lore.kernel.org/linux-sgx/c148ab48-1b70-6e20-5742-b0b2dc014dc3@intel.com/
It's a corner case where the current software abstraction does not map properly the physical reality (given that for enclave memory merge would be fine even tho we need to access it with PFNMAP).
1
0
0
Jarkko Sakkinen
repeated
repeated
Thorsten Leemhuis (acct. 1/4)
kernellogger@fosstodon.org#sched_ext, which allows scheduling policies to be implemented as #BPF programs, has been merged for #Linux 6.12:
https://git.kernel.org/torvalds/c/88264981f2082248e892a706b2c5004650faac54
See https://lwn.net/Articles/922405/ for a description of what it does and https://lwn.net/Articles/972710/ for the controversy it caused that is the reason why it took so long to land in mainline.
0
5
3
@linuxplumbersconf YES, these came literally after the conference.
0
0
0
Jarkko Sakkinen
jarkko
"Three Mile Island, the site of worst nuclear disaster in the United States, is reopening and will exclusively sell the power to Microsoft as the company searches for energy sources to fuel its AI ambitions"
https://edition.cnn.com/2024/09/20/energy/three-mile-island-microsoft-ai/index.html
#microsoft #ai
https://edition.cnn.com/2024/09/20/energy/three-mile-island-microsoft-ai/index.html
#microsoft #ai
0
1
2
Jarkko Sakkinen
jarkko
I wonder if there is a typst template for label writers such as Dymo LabelWriter 450, which I own. I use gLabels ATM but do not see any point in WYSIWYG and an address label.
0
0
0
Jarkko Sakkinen
jarkko
This performance regression fix is as done as it can be:
https://lore.kernel.org/linux-integrity/20240921120811.1264985-1-jarkko@kernel.org/
As soon as it gets tags I'll put out a pull request. Not having the fixes can double the boot time at least on some AMD desktop CPU's if TPM bus encryption is turned on.
Without fix: 7s -> 20s
WIth the fix: 20s -> 8.7s
So pretty reasonable number, encryption cannot be done without any overhead. Patches fixup unnecessary encryption context throttling.
Hopefully next week when the cons are over there will be some feedback.
#linux #kernel
https://lore.kernel.org/linux-integrity/20240921120811.1264985-1-jarkko@kernel.org/
As soon as it gets tags I'll put out a pull request. Not having the fixes can double the boot time at least on some AMD desktop CPU's if TPM bus encryption is turned on.
Without fix: 7s -> 20s
WIth the fix: 20s -> 8.7s
So pretty reasonable number, encryption cannot be done without any overhead. Patches fixup unnecessary encryption context throttling.
Hopefully next week when the cons are over there will be some feedback.
#linux #kernel
0
1
1
Jarkko Sakkinen
jarkko
Xenonauts 2 is a nice game, helps with Xcom withdrawal symptoms at least.
0
0
0
Jarkko Sakkinen
jarkko
I got couple of days ago both email that my talk Linux Plumbers was both accepted and also that it was rejected 🤷 I guess there was something wrong with the mailer?
It would be nice to get infos a bit earlier and not in superposition state ;-)
@linuxplumbersconf
It would be nice to get infos a bit earlier and not in superposition state ;-)
@linuxplumbersconf
1
0
1
Jarkko Sakkinen
jarkko
Julia is pretty cool language IMHO for doing workbook type of stuff like you would with Jupyter and all this "scientific Python" type of stuff. There's excellent support in the REPL cli for persistence with shared environments and projects. I think I replace bc and Python with Julia for being my main calculator app.
1
0
2
Jarkko Sakkinen
jarkko
Edited 10 months ago
I tagged 0.1.0 of my TPM driver test framework: https://codeberg.org/jarkko/linux-tpmdd-test/src/tag/0.1.0
Now it pretty much can take care all testing and development needs I have. From this tag forward the Git history is also declared as stable (i.e. now rewrites).
It's also not that common example of using systemd with BuildRoot ;-)
Now it pretty much can take care all testing and development needs I have. From this tag forward the Git history is also declared as stable (i.e. now rewrites).
It's also not that common example of using systemd with BuildRoot ;-)
1
0
1