On 01/08/2018 08:12 AM, Willy Tarreau wrote:
Since we're going to keep running on the same PGD when returning to
userspace for certain performance-critical tasks, we'll need the user
pages to be executable. So this code disables the extra protection
that was added consisting in marking user pages _PAGE_NX so that this
pgd remains usable for userspace.
Note: it isn't necessarily the best approach, but one way or another
if we want to be able to return to userspace from the kernel,
we'll have to have this executable anyway. Another approach
might consist in using another pgd for userland+kernel but
the current core really looks like an extra careful measure
to catch early bugs if any.
I don't like this.
I think the prctl() should apply to an entire process, not to a thread.
If it applies to a process, you can unpoison the PGD. I even had code
to do this in an earlier version of the (whole system) runtime PTI
on/off stuff.
Why are you even posting half-baked hacks like this now? Is there
something super-pressing about this set that we need to lock in a new
ABI now?