On Tue, May 15, 2018 at 11:43:10AM -0400, Stefan Berger wrote: > On 05/15/2018 11:34 AM, Daniel P. Berrangé wrote: > > On Tue, May 15, 2018 at 11:25:58AM -0400, Stefan Berger wrote: > > > On 05/10/2018 05:57 PM, Stefan Berger wrote: > > > > Add the external swtpm to the emulator cgroup so that upper limits of CPU > > > > usage can be enforced on the emulated TPM. > > > I haven't made any changes to this yet. A possibility would be to put swtpm > > > into its own tpm-emulator cgroup and extend the XML for the TPM to also have > > > 'period' and 'quota': > > > > > > <tpm model='tpm-tis'> > > > <backend type='emulator'> > > > <period>1000</period> > > > <quota>500</quota> > > > </backend> > > > </tpm> > > > > > > Or we add the following to cputune: > > > > > > <tpm_emulator_period>1000</tpm_emulator_period> > > > <tpm_emulator_quota>500</tpm_emulator_quota> > > > > > > The latter would be more consistent, though i would prefer the former. > > I'm not really seeing a compelling reason to need to set tunables on > > the swtpm directly. IMHO we should just consider it part of the > > "emulator" tunables - the fact that it is a separate binary/process > > rather than inside QEMU is just a private impl detail. > > One reason I could think of is to approximate the real world a little closer > where a TPM is typically its own chip. I don't think that's a real use case. You can look at QEMU's machine types and say they have 10-20 separate chips in the real world, but we don't need to have control over CPU usage of those chips. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
