> > I'm pretty sure a guest can cause those to change and I'm not 100%
> > sure, but I think it's a potential source of exploits if you assume a
> > mapping. In the very least, a guest can trick vhost into writing to ram
> > that it wouldn't normally write to.
>
> This seems harmless. guest can write anywhere in ram, anyway.
Surely writing to the wrong address is always a fatal flaw. There certainly exist machines that can change physical RAM mapping. While I wouldn't expect this to happen during normal operation, it could occur between a (virtio-aware) bootloader/BIOS and real kernel.

Paul