On 06.05.2017 10:38, Daniel Gruss wrote:
On 2017-05-06 06:02, David Gens wrote:
Assuming that their patch indeed leaks per-cpu addresses.. it might not
necessarily
be required to change it.
I think we're not leaking them (unless we still have some bug in our code).
Just to correct my answer here as well: Although we experimented with fixed mappings for per-cpu addresses, the current
patch does not incorporate this yet, so it indeed still leaks. However, it is not a severe problem. The mapping of the
required (per-cpu) variables would be at a fixed location in the user CR3, instead of the ones that are used in the kernel.
