From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter Xu Subject: Re: [PATCH v2] vfio/type1: Limit DMA mappings per container Date: Wed, 3 Apr 2019 14:05:58 +0800 Message-ID: <20190403060558.GL11008@xz-x1> References: <155422160029.16896.1992475589398080933.stgit@gimli.home> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, eric.auger@redhat.com, cohuck@redhat.com To: Alex Williamson Return-path: Content-Disposition: inline In-Reply-To: <155422160029.16896.1992475589398080933.stgit@gimli.home> Sender: linux-kernel-owner@vger.kernel.org List-Id: kvm.vger.kernel.org On Tue, Apr 02, 2019 at 10:15:38AM -0600, Alex Williamson wrote: > Memory backed DMA mappings are accounted against a user's locked > memory limit, including multiple mappings of the same memory. This > accounting bounds the number of such mappings that a user can create. > However, DMA mappings that are not backed by memory, such as DMA > mappings of device MMIO via mmaps, do not make use of page pinning > and therefore do not count against the user's locked memory limit. > These mappings still consume memory, but the memory is not well > associated to the process for the purpose of oom killing a task. > > To add bounding on this use case, we introduce a limit to the total > number of concurrent DMA mappings that a user is allowed to create. > This limit is exposed as a tunable module option where the default > value of 64K is expected to be well in excess of any reasonable use > case (a large virtual machine configuration would typically only make > use of tens of concurrent mappings). > > This fixes CVE-2019-3882. > > Signed-off-by: Alex Williamson Reviewed-by: Peter Xu Thanks, -- Peter Xu