• J
    xen/gntdev: replace global limit of mapped pages by limit per call · 3b06ac67
    Juergen Gross 提交于
    Today there is a global limit of pages mapped via /dev/xen/gntdev set
    to 1 million pages per default. There is no reason why that limit is
    existing, as total number of grant mappings is limited by the
    hypervisor anyway and preferring kernel mappings over userspace ones
    doesn't make sense. It should be noted that the gntdev device is
    usable by root only.
    
    Additionally checking of that limit is fragile, as the number of pages
    to map via one call is specified in a 32-bit unsigned variable which
    isn't tested to stay within reasonable limits (the only test is the
    value to be <= zero, which basically excludes only calls without any
    mapping requested). So trying to map e.g. 0xffff0000 pages while
    already nearly 1000000 pages are mapped will effectively lower the
    global number of mapped pages such that a parallel call mapping a
    reasonable amount of pages can succeed in spite of the global limit
    being violated.
    
    So drop the global limit and introduce per call limit instead. This
    per call limit (default: 65536 grant mappings) protects against
    allocating insane large arrays in the kernel for doing a hypercall
    which will fail anyway in case a user is e.g. trying to map billions
    of pages.
    Signed-off-by: NJuergen Gross <jgross@suse.com>
    Reviewed-by: NOleksandr Andrushchenko <oleksandr_andrushchenko@epam.com>
    Reviewed-by: NBoris Ostrovsky <boris.ostrovsky@oracle.com>
    Signed-off-by: NJuergen Gross <jgross@suse.com>
    3b06ac67
gntdev-common.h 2.1 KB