> From: Nicolin Chen <nicol...@nvidia.com> > Sent: Saturday, January 25, 2025 8:31 AM > > There is a DoS concern on the shared hardware event queue among devices > passed through to VMs, that too many translation failures that belong to > VMs could overflow the shared hardware event queue if those VMs or their > VMMs don't handle/recover the devices properly.
This statement is not specific to the nested configuration. > > The MEV bit in the STE allows to configure the SMMU HW to merge similar > event records, though there is no guarantee. Set it in a nested STE for > DoS mitigations. Is MEV available only in nested mode? Otherwise it perhaps makes sense to turn it on in all configurations in IOMMUFD paths...
