Re: [PATCH 26/26] x86, pkeys: Documentation
From: Dave Hansen
Date: Wed Oct 07 2015 - 16:47:16 EST
On 10/07/2015 01:39 PM, Andy Lutomirski wrote:
> On Wed, Oct 7, 2015 at 1:24 PM, Dave Hansen <dave@xxxxxxxx> wrote:
>> On 10/03/2015 01:17 AM, Ingo Molnar wrote:
>>> Right now the native x86 PTE format allows two protection related bits for
>>> user-space pages:
>>>
>>> _PAGE_BIT_RW: if 0 the page is read-only, if 1 then it's read-write
>>> _PAGE_BIT_NX: if 0 the page is executable, if 1 then it's not executable
>>>
>>> As discussed previously, pkeys allows 'true execute only (--x)' mappings.
>>>
>>> Another possibility would be 'true write-only (-w-)' mappings.
>>
>> How would those work?
>>
>> Protection Keys has a Write-Disable and an Access-Disable bit. But,
>> Access-Disable denies _all_ data access to the region. There's no way
>> to allow only writes.
>
> Weird. I wonder why Intel did that.
>
> I also wonder whether EPT can do write-only.
The SDM makes it look that way. There appear to be completely separate
r/w/x bits. r=0/w=0/x=0 means !present.
The bit 0 definition says, for instance:
Read access; indicates whether reads are allowed from the
4-KByte page referenced by this entry
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/