Vladimir Sementsov-Ogievskiy <[email protected]> writes: > On 17.02.26 12:03, Markus Armbruster wrote: >> Vladimir Sementsov-Ogievskiy <[email protected]> writes: >> >>> Remove desc, avail, and used fields as they expose process address space >>> information and violate ASLR. >> >> Isn't the user of the monitor trusted? > > I don't know exactly the policy here. If keep these fields, their semantics > will change anyway with these series. So I decided, it's simpler to drop > them (if no objections), keeping in mind experimental status of the command > and ASLR.
The monitor lets you read arbitrary virtual and physical guest memory. Feels trusted to me :) "Violate ASLR" suggests security is at stake somehow. I doubt it is. "will change anyway" and "it's simpler to drop them" makes me suspect they're not useful enough to be worth their keep. If this is the actual reason for dropping them, please rewrite your commit message to say so. >> >>> Since this is an experimental command, we >>> can safely remove these potentially sensitive fields. >>> >>> Signed-off-by: Vladimir Sementsov-Ogievskiy <[email protected]> >> >> Patch looks good.
