On 15/11/2019 09.50, Janosch Frank wrote: > On 11/15/19 9:19 AM, Thomas Huth wrote: [...] >> Still, is there a way you could also verify that gaddr references the >> right page that is mirrored in the sidad? >> >> Thomas >> > > I'm not completely sure if I understand your question correctly. > Checking that is not possible here without also looking at the > instruction bytecode and register contents which would make this patch > ridiculously large with no real benefit. Yes, I was thinking about something like that. I mean, how can you be sure that the userspace really only wants to read the contents that are references by the sidad? It could also try to read or write e.g. the lowcore data inbetween (assuming that there are some code paths left which are not aware of protected virtualization yet)? Well, it does not have to be right now and in this patch, but I still think that's something that should be added in the future if somehow possible... Thomas
