Re: [PATCH v6 14/14] iommu/arm-smmu-v3: Set MEV bit in nested STE for DoS mitigations

From: Nicolin Chen
Date: Thu Feb 20 2025 - 02:16:56 EST


On Tue, Feb 18, 2025 at 02:52:29PM -0400, Jason Gunthorpe wrote:
> On Tue, Feb 18, 2025 at 06:17:15PM +0000, Pranjal Shrivastava wrote:
>
> > > Is MEV available only in nested mode? Otherwise it perhaps makes
> > > sense to turn it on in all configurations in IOMMUFD paths...
> >
> > I think the arm-smmu-v3's iommufd implementation only supports nested
> > which could be the reason.
>
> I think starting with MEV in this limited case is reasonable.
>
> I agree it makes sense to always turn it on from a production
> perspective..

Then, I will just add a line to the commit log:
"In the future, we might want to enable the MEV for non-nested cases too
such as domain->type == IOMMU_DOMAIN_UNMANAGED or even IOMMU_DOMAIN_DMA."

Thanks
Nicolin