On 01/11/2018 15:18, Jan Beulich wrote: >>>> Juergen Gross <jgross@xxxxxxxx> 11/01/18 1:34 PM >>> >> Currently the size of hypercall buffers allocated via >> /dev/xen/hypercall is limited to a default of 64 memory pages. For live >> migration of guests this might be too small as the page dirty bitmask >> needs to be sized according to the size of the guest. This means >> migrating a 8GB sized guest is already exhausting the default buffer >> size for the dirty bitmap. >> >> There is no sensible way to set a sane limit, so just remove it >> completely. The device node's usage is limited to root anyway, so there >> is no additional DOS scenario added by allowing unlimited buffers. > > But is this setting of permissions what we want long term? What about a > de-privileged qemu, which still needs to be able to issue at least dm-op > hypercalls? Wouldn't that qemu have opened the node while still being privileged? Juergen
