On Tue, Jan 21, 2025 at 01:40:05PM -0800, Nicolin Chen wrote: > > There is also the minor detail of what happens if the hypervisor HW > > queue overflows - I don't know the answer here. It is security > > concerning since the VM can spam DMA errors at high rate. :| > > In my view, the hypervisor queue is the vHW queue for the VM, so > it should act like a HW, which means it's up to the guest kernel > driver that handles the high rate DMA errors.. I'm mainly wondering what happens if the single physical kernel event queue overflows because it is DOS'd by a VM and the hypervisor cannot drain it fast enough? I haven't looked closely but is there some kind of rate limiting or otherwise to mitigate DOS attacks on the shared event queue from VMs? Jason
