On Wed, Nov 02, 2022 at 09:38:55AM +0800, Zhiquan Li wrote: > > On 2022/11/1 08:46, jarkko@xxxxxxxxxx wrote: > > Why would we want to enforce for user space not to do this, even > > if it does cause malfunctioning program? > > > > We want to resolve the problem at the source rather than just deal with > the symptom passively derived from it. For instance, we might be able to > return VM_FAULT_SIGBUS to kill the malicious application, but if the > malicious child touch the memory earlier than parent despite it cannot > use the virtual EPC page, then the parent will be victim. > > Even thought it's not a security threaten, there is no practical > significance for sharing a virtual EPC instance. So we would like to > prevent it from the beginning. Can you phrase this to the commit message? This makes sense as a motivation. BR, Jarkko
