| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250122002128.GC5556@nvidia.com> Date: Tue, 21 Jan 2025 20:21:28 -0400 From: Jason Gunthorpe <jgg@...dia.com> To: Nicolin Chen <nicolinc@...dia.com> Cc: kevin.tian@...el.com, corbet@....net, will@...nel.org, joro@...tes.org, suravee.suthikulpanit@....com, robin.murphy@....com, dwmw2@...radead.org, baolu.lu@...ux.intel.com, shuah@...nel.org, linux-kernel@...r.kernel.org, iommu@...ts.linux.dev, linux-arm-kernel@...ts.infradead.org, linux-kselftest@...r.kernel.org, linux-doc@...r.kernel.org, eric.auger@...hat.com, jean-philippe@...aro.org, mdf@...nel.org, mshavit@...gle.com, shameerali.kolothum.thodi@...wei.com, smostafa@...gle.com, ddutile@...hat.com, yi.l.liu@...el.com, patches@...ts.linux.dev Subject: Re: [PATCH v5 08/14] iommufd/viommu: Add iommufd_viommu_report_event helper On Tue, Jan 21, 2025 at 01:40:05PM -0800, Nicolin Chen wrote: > > There is also the minor detail of what happens if the hypervisor HW > > queue overflows - I don't know the answer here. It is security > > concerning since the VM can spam DMA errors at high rate. :| > > In my view, the hypervisor queue is the vHW queue for the VM, so > it should act like a HW, which means it's up to the guest kernel > driver that handles the high rate DMA errors.. I'm mainly wondering what happens if the single physical kernel event queue overflows because it is DOS'd by a VM and the hypervisor cannot drain it fast enough? I haven't looked closely but is there some kind of rate limiting or otherwise to mitigate DOS attacks on the shared event queue from VMs? Jason
Powered by blists - more mailing lists