KVM: s390: Limit sthyi execution
Store hypervisor information is a valid instruction not only in supervisor state but also in problem state, i.e. the guest's userspace. Its execution is not only computational and memory intensive, but also has to get hold of the ipte lock to write to the guest's memory. This lock is not intended to be held often and long, especially not from the untrusted guest userspace. Therefore we apply rate limiting of sthyi executions per VM. Signed-off-by: Janosch Frank <frankja@linux.vnet.ibm.com> Acked-by: David Hildenbrand <dahi@linux.vnet.ibm.com> Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
This commit is contained in:
Janosch Frank
zatwierdzone przez
Christian Borntraeger
Christian Borntraeger
rodzic
95ca2cb579
commit
7d0a5e6241
@@ -1151,6 +1151,8 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
|
||||
|
||||
rc = -ENOMEM;
|
||||
|
||||
ratelimit_state_init(&kvm->arch.sthyi_limit, 5 * HZ, 500);
|
||||
|
||||
kvm->arch.use_esca = 0; /* start with basic SCA */
|
||||
rwlock_init(&kvm->arch.sca_lock);
|
||||
kvm->arch.sca = (struct bsca_block *) get_zeroed_page(GFP_KERNEL);
|
||||
|
||||
Reference in New Issue
Block a user