[PATCH v6 14/14] iommu/arm-smmu-v3: Set MEV bit in nested STE for DoS mitigations
Tian, Kevin
kevin.tian at intel.com
Mon Feb 17 21:24:08 PST 2025
> From: Nicolin Chen <nicolinc at nvidia.com>
> Sent: Saturday, January 25, 2025 8:31 AM
>
> There is a DoS concern on the shared hardware event queue among devices
> passed through to VMs, that too many translation failures that belong to
> VMs could overflow the shared hardware event queue if those VMs or their
> VMMs don't handle/recover the devices properly.
This statement is not specific to the nested configuration.
>
> The MEV bit in the STE allows to configure the SMMU HW to merge similar
> event records, though there is no guarantee. Set it in a nested STE for
> DoS mitigations.
Is MEV available only in nested mode? Otherwise it perhaps makes
sense to turn it on in all configurations in IOMMUFD paths...
More information about the linux-arm-kernel
mailing list