Re: make PROT_WRITE imply PROT_READ

[Ulrich Drepper]

On 6/23/06, Arjan van de Ven <arjan@xxxxxxxxxxxxx> wrote:
> you ask for it, and the kernel is supposed to deliver the best behavior
> it can.

The kernel should provide

- a stable, reliable interface

- a consistent interface at least accross architectures, maybe even platforms


Providing write-only support for memory falls into none of these
categories.  When Jason and I discussed this my position actually was
to disallow PROT_WRITE without PROT_READ completely, making it an
error of mmap and mprotect.  That's perfectly legal according to POSIX
and it will teach those who write broken code like this.

Jason's proposal to implicitly set PROT_READ is the second best
solution.  It gets rid of the error cases which a developer might not
notice, either because of lucky circumstances or details of the
architecture.

The reality is that almost no platform can really implement write-only
memory.  RISC architectures implement sub-word write as word reads,
modify, word write.  And even for CISC archs the compiler, for
instance, might decide to read memory, be it for prefetching or
explicit write-combining.

I'm strongly in favor of adding of adding one of the two possible
patches (forbidding, implicitly setting PROT_READ).  This will help
preventing these kinds of programming mistakes from spreading and we
already _know_ that there are such programs out there.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/