On Sat, Feb 22, 2025 at 07:54:11AM -0800, Nicolin Chen wrote: > There is a DoS concern on the shared hardware event queue among devices > passed through to VMs, that too many translation failures that belong to > VMs could overflow the shared hardware event queue if those VMs or their > VMMs don't handle/recover the devices properly. > > The MEV bit in the STE allows to configure the SMMU HW to merge similar > event records, though there is no guarantee. Set it in a nested STE for > DoS mitigations. > > In the future, we might want to enable the MEV for non-nested cases too > such as domain->type == IOMMU_DOMAIN_UNMANAGED or even IOMMU_DOMAIN_DMA. > > Reviewed-by: Jason Gunthorpe <j...@nvidia.com> > Signed-off-by: Nicolin Chen <nicol...@nvidia.com> > --- > drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h | 1 + > drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3-iommufd.c | 2 ++ > drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c | 4 ++-- > 3 files changed, 5 insertions(+), 2 deletions(-) >
Reviewed-by: Pranjal Shrivastava <pr...@google.com> Thanks, Praan
