Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Obtaining Security Memory Information

To facilitate O&M in the REE, you can run libvirt virsh commands to view the secure memory usage in the TEE.

  1. Deploying the Secure Memory Observability Drivers
    1. Install the virtCCA_driver package. 
      yum install -y virtCCA_driver
depmod -a
    2. Load the TMM driver. 
      modprobe tmm_driver
    3. Verify the load and check for the sys file system. 
      lsmod | grep tmm 
ls /sys/kernel/tmm

  2. Run the following commands to obtain secure memory information through libvirt:
    • Obtaining coarse-grained secure memory information 
      virsh tmm tmm_memory_info

      The following information is obtained:

      • Number of NUMA nodes with secure memory
      • Specific node IDs
      • Total secure memory of the nodes
      • Free secure memory of the nodes
      • Memory used by the metadata of the nodes
      • Memory used by the cVMs on the nodes
    • Obtaining fine-grained secure memory information 
      virsh tmm tmm_memory_info --detail

      • In addition to the coarse-grained secure memory information, the obtained information also includes the total number of metadata records and the number of idle metadata records on each NUMA node as well as the number of idle page tables on each NUMA node.
      • The memory size at each level of page is as follows:

      • Metadata stores necessary information data objects for running cVMs. Metadata is classified into reserved metadata and extended metadata. After reserved metadata is used up, metadata is extended to generate new metadata.
        Table 1 Metadata types

        Metadata Type

        Consumption Rule

        Size of Each Expansion

        td

        Each VM consumes one.

        2 MB

        tec

        Equal to the number of vCPUs consumed by each VM.

        2 MB

        ttt

        Each VM consumes 66.

        2 MB
    • Run the cat kernel string file system commands to obtain secure memory information.
      1. Display the secure memory usage of each NUMA node. 
        cat /sys/kernel/tmm/memory_info
      2. Display the total number and idle number of metadata records on each NUMA node. 
        cat /sys/kernel/tmm/slab_info
      3. Display the idle number of page tables on each NUMA node. 
        cat /sys/kernel/tmm/buddy_info

Parent topic: Feature Usage