qemu/include
David Hildenbrand 0fd7616e0f vfio: Support for RamDiscardManager in the vIOMMU case
vIOMMU support works already with RamDiscardManager as long as guests only
map populated memory. Both, populated and discarded memory is mapped
into &address_space_memory, where vfio_get_xlat_addr() will find that
memory, to create the vfio mapping.

Sane guests will never map discarded memory (e.g., unplugged memory
blocks in virtio-mem) into an IOMMU - or keep it mapped into an IOMMU while
memory is getting discarded. However, there are two cases where a malicious
guests could trigger pinning of more memory than intended.

One case is easy to handle: the guest trying to map discarded memory
into an IOMMU.

The other case is harder to handle: the guest keeping memory mapped in
the IOMMU while it is getting discarded. We would have to walk over all
mappings when discarding memory and identify if any mapping would be a
violation. Let's keep it simple for now and print a warning, indicating
that setting RLIMIT_MEMLOCK can mitigate such attacks.

We have to take care of incoming migration: at the point the
IOMMUs get restored and start creating mappings in vfio, RamDiscardManager
implementations might not be back up and running yet: let's add runstate
priorities to enforce the order when restoring.

Acked-by: Alex Williamson <alex.williamson@redhat.com>
Reviewed-by: Alex Williamson <alex.williamson@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Alex Williamson <alex.williamson@redhat.com>
Cc: Dr. David Alan Gilbert <dgilbert@redhat.com>
Cc: Igor Mammedov <imammedo@redhat.com>
Cc: Pankaj Gupta <pankaj.gupta.linux@gmail.com>
Cc: Peter Xu <peterx@redhat.com>
Cc: Auger Eric <eric.auger@redhat.com>
Cc: Wei Yang <richard.weiyang@linux.alibaba.com>
Cc: teawater <teawaterz@linux.alibaba.com>
Cc: Marek Kedzierski <mkedzier@redhat.com>
Signed-off-by: David Hildenbrand <david@redhat.com>
Message-Id: <20210413095531.25603-10-david@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
2021-07-08 15:54:45 -04:00
..
authz Prefer 'on' | 'off' over 'yes' | 'no' for bool options 2021-01-29 17:07:53 +00:00
block Block layer patches 2021-07-02 11:46:32 +01:00
chardev chardev: Fix yank with the chardev-change case 2021-04-01 15:27:44 +04:00
crypto crypto: Make QCryptoTLSCreds* structures private 2021-06-29 18:30:24 +01:00
disas Drop the deprecated lm32 target 2021-05-12 18:20:25 +02:00
exec memory: Helpers to copy/free a MemoryRegionSection 2021-07-08 15:54:45 -04:00
fpu Remove leading underscores from QEMU defines 2021-06-21 05:49:01 +02:00
hw vfio: Query and store the maximum number of possible DMA mappings 2021-07-08 15:54:45 -04:00
io io: add qio_channel_readv_full_all_eof & qio_channel_readv_full_all helpers 2021-02-10 09:23:28 +00:00
libdecnumber
migration vfio: Support for RamDiscardManager in the vIOMMU case 2021-07-08 15:54:45 -04:00
monitor hmp: Add "calc_dirty_rate" and "info dirty_rate" cmds 2021-06-08 20:18:26 +01:00
net vhost-vdpa: remove the unused vhost_vdpa_get_acked_features() 2021-06-11 10:30:13 +08:00
qapi vl: plumb keyval-based options into -readconfig 2021-06-04 13:50:04 +02:00
qemu qemu-option: remove now-dead code 2021-07-06 08:33:51 +02:00
qom qom: export more functions for use with non-UserCreatable objects 2021-07-06 08:33:51 +02:00
scsi scsi: inline sg_io_sense_from_errno() into the callers. 2021-03-06 11:42:56 +01:00
semihosting semihosting: Move include/hw/semihosting/ -> include/semihosting/ 2021-03-10 15:34:12 +00:00
standard-headers Update Linux headers to 5.13-rc4 2021-06-17 14:11:06 -04:00
sysemu block: add max_hw_transfer to BlockLimits 2021-06-25 10:54:13 +02:00
tcg tcg: Add flags argument to tcg_gen_bswap16_*, tcg_gen_bswap32_i64 2021-06-29 10:04:57 -07:00
ui ui/cocoa: Add clipboard support 2021-06-23 14:26:04 +02:00
user Remove leading underscores from QEMU defines 2021-06-21 05:49:01 +02:00
elf.h linux-user: elf: s390x: Prepare for Vector enhancements facility 2021-06-21 08:48:21 +02:00
glib-compat.h configure: bump min required glib version to 2.56 2021-06-02 09:11:32 +02:00
qemu-common.h qemu-common.h: Update copyright string to 2021 2021-03-09 22:19:24 +01:00
qemu-io.h
trace-tcg.h