On Fri, Jan 24, 2025 at 04:30:43PM -0800, Nicolin Chen wrote: > There is a DoS concern on the shared hardware event queue among devices > passed through to VMs, that too many translation failures that belong to > VMs could overflow the shared hardware event queue if those VMs or their > VMMs don't handle/recover the devices properly. > > The MEV bit in the STE allows to configure the SMMU HW to merge similar > event records, though there is no guarantee. Set it in a nested STE for > DoS mitigations. > > Signed-off-by: Nicolin Chen <nicol...@nvidia.com> > --- > drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h | 1 + > drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-iommufd.c | 2 ++ > drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 4 ++-- > 3 files changed, 5 insertions(+), 2 deletions(-)
Reviewed-by: Jason Gunthorpe <j...@nvidia.com> > --- a/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c > +++ b/drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c > @@ -1051,7 +1051,7 @@ void arm_smmu_get_ste_used(const __le64 *ent, __le64 > *used_bits) > cpu_to_le64(STRTAB_STE_1_S1DSS | STRTAB_STE_1_S1CIR | > STRTAB_STE_1_S1COR | STRTAB_STE_1_S1CSH | > STRTAB_STE_1_S1STALLD | STRTAB_STE_1_STRW | > - STRTAB_STE_1_EATS); > + STRTAB_STE_1_EATS | STRTAB_STE_1_MEV); > used_bits[2] |= cpu_to_le64(STRTAB_STE_2_S2VMID); You also ran the test suite? Jason
