On Thu, May 07, 2020 at 05:35:31PM -0500, Haitao Huang wrote: > On Thu, 07 May 2020 14:34:59 -0500, Sean Christopherson > <sean.j.christopherson@xxxxxxxxx> wrote: > > >On Thu, May 07, 2020 at 12:49:15PM -0400, Nathaniel McCallum wrote: > >>> For larger size mmap, I think it requires enabling vm overcommit mode > >>1: > >>> echo 1 | sudo tee /proc/sys/vm/overcommit_memory > > > >It shouldn't unless the initial mmap is "broken". Not truly broken, but > >broken in the sense that what Enarx is asking for is not actually what it > >desires. > > > So I tried, this passes with mode 1 but fail with ENOMEM by default: > > mmap(NULL, 0x100000000000UL, PROT_NONE, MAP_SHARED| MAP_ANONYMOUS, -1, 0); Ah, fudge. shmem_zero_setup() triggers shmem_acct_size() and thus __vm_enough_memory(). Which I should have rememered because I've stared at that code several times when dealing with the enclave's backing store. I wasn't seeing the issue because I happened to use MAP_PRIVATE. So, bad analysis, good conclusion, i.e. the kernel is still doing the right thing, it's just not ideal for userspace. Jarkko, we should update the docs and selftest to recommend and use PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS or PROT_NONE, MAP_SHARED | MAP_NORESERVE | MAP_ANONYMOUS" when carving out ELRANGE, with an explicit comment that all the normal rules for mapping memory still apply.