From 215e2ac5905d89aa3d2b06de908bc40a29362062 Mon Sep 17 00:00:00 2001
From: Marcelo Tosatti <mtosatti@redhat.com>
Date: Tue, 7 Jul 2009 13:38:03 -0300
Subject: [PATCH] KVM: limit lapic periodic timer frequency

Otherwise its possible to DoS the host by programming lapic timer
with a very high frequency.

Not upstream, will be fixed differently there.

Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
Bugzilla: 510087
Message-ID: <20090707163803.GA6752@amt.cnet>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
RH-Upstream-status: not-applicable
Acked-by: Dor Laor <dlaor@redhat.com>
Acked-by: Glauber Costa <glommer@redhat.com>
Acked-by: Gleb Natapov <gleb@redhat.com>
---
 arch/x86/kvm/lapic.c |    9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c
index afc59b2..a3978b1 100644
--- a/arch/x86/kvm/lapic.c
+++ b/arch/x86/kvm/lapic.c
@@ -636,6 +636,15 @@ static void start_apic_timer(struct kvm_lapic *apic)
 
 	if (!apic->timer.period)
 		return;
+	/*
+ 	 * Do not allow the guest to program periodic timers with small 
+ 	 * interval, since the hrtimers are not throttled by the host 
+	 * scheduler.
+	 */
+	if (apic_lvtt_period(apic)) {
+        	if (apic->timer.period < NSEC_PER_MSEC/2)
+                	apic->timer.period = NSEC_PER_MSEC/2;
+	}
 
 	hrtimer_start(&apic->timer.dev,
 		      ktime_add_ns(now, apic->timer.period),
-- 
1.6.3.rc4.29.g8146