summaryrefslogtreecommitdiff
path: root/scripts/Makefile.thinlto
diff options
context:
space:
mode:
authorNicolin Chen <nicolinc@nvidia.com>2026-05-22 03:36:34 +0300
committerJason Gunthorpe <jgg@nvidia.com>2026-06-01 20:54:19 +0300
commit6ebf2eb46fbd5b40393ff8fbb847ba96925beaff (patch)
treecbe632fd06694a78ea20797ed502f72469dad31f /scripts/Makefile.thinlto
parent47443565d10c51366c9382dbc8597cd6c460b8a2 (diff)
downloadlinux-6ebf2eb46fbd5b40393ff8fbb847ba96925beaff.tar.xz
iommufd: Set veventq_depth upper bound
iommufd_veventq_alloc() accepts any !0 veventq_depth from userspace, with an upper bound at U32_MAX. This leaves a vulnerability where userspace can allocate excessively large queues to exhaust kernel memory reserves. Cap the veventq_depth (maximum number of entries) to 1 << 19, matching the maximum number of entries in the SMMUv3 EVTQ (the largest use case today). Fixes: e36ba5ab808e ("iommufd: Add IOMMUFD_OBJ_VEVENTQ and IOMMUFD_CMD_VEVENTQ_ALLOC") Link: https://patch.msgid.link/r/8426cbaa5e8294472ec7f076ef427cc473be5985.1779408671.git.nicolinc@nvidia.com Cc: stable@vger.kernel.org Reviewed-by: Jason Gunthorpe <jgg@nvidia.com> Signed-off-by: Nicolin Chen <nicolinc@nvidia.com> Reviewed-by: Kevin Tian <kevin.tian@intel.com> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
Diffstat (limited to 'scripts/Makefile.thinlto')
0 files changed, 0 insertions, 0 deletions