On Fri, 2017-05-05 at 21:07 -0700, Greg KH wrote: > From: Dave Weinstein <olo...@google.com> > > Add the kptr_restrict setting of 4 which results in %pa and > %p[rR] values being replaced by zeros.
Given that '%pa' is: * - 'a[pd]' For address types [p] phys_addr_t, [d] dma_addr_t and derivatives * (default assumed to be phys_addr_t, passed by reference) what is the thread model which hiding physical addresses from attackers protects against? I can see why virtual addresses would be obviously dangerous but physical addresses seem less obvious and I didn't see it spelled out in any of the commit messages or added comments in the thread. I think a comment somewhere would be useful for people who are trying to decide if they should use %pa vs %paP etc. Ian.
