On 05/15/2018 11:34 AM, Daniel P. Berrangé wrote:
On Tue, May 15, 2018 at 11:25:58AM -0400, Stefan Berger wrote:
On 05/10/2018 05:57 PM, Stefan Berger wrote:
Add the external swtpm to the emulator cgroup so that upper limits of CPU
usage can be enforced on the emulated TPM.
I haven't made any changes to this yet. A possibility would be to put swtpm
into its own tpm-emulator cgroup and extend the XML for the TPM to also have
'period' and 'quota':
<tpm model='tpm-tis'>
<backend type='emulator'>
<period>1000</period>
<quota>500</quota>
</backend>
</tpm>
Or we add the following to cputune:
<tpm_emulator_period>1000</tpm_emulator_period>
<tpm_emulator_quota>500</tpm_emulator_quota>
The latter would be more consistent, though i would prefer the former.
I'm not really seeing a compelling reason to need to set tunables on
the swtpm directly. IMHO we should just consider it part of the
"emulator" tunables - the fact that it is a separate binary/process
rather than inside QEMU is just a private impl detail.
One reason I could think of is to approximate the real world a little
closer where a TPM is typically its own chip.
Stefan
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
