Re: [PATCH v2 3/5] x86/mm: check exec permissions on fault

From: Andrew Cooper
Date: Mon Oct 25 2021 - 07:14:08 EST

Next message: Marc Zyngier: "Re: [PATCH v3 11/11] arm64: dts: Add Pensando Elba SoC support"
Previous message: Francesco Dolcini: "Re: [PATCH v3 3/7] PCI: imx6: Fix the regulator dump when link never came up"
In reply to: Peter Zijlstra: "Re: [PATCH v2 3/5] x86/mm: check exec permissions on fault"
Next in thread: Dave Hansen: "Re: [PATCH v2 3/5] x86/mm: check exec permissions on fault"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 25/10/2021 11:59, Peter Zijlstra wrote:
> On Thu, Oct 21, 2021 at 05:21:10AM -0700, Nadav Amit wrote:
>> From: Nadav Amit <namit@xxxxxxxxxx>
>> Add a check to prevent access_error() from returning mistakenly that
>> page-faults due to instruction fetch are not allowed. Intel SDM does not
>> indicate whether "instruction fetch" and "write" in the hardware error
>> code are mutual exclusive, so check both before returning whether the
>> access is allowed.
> Dave, can we get that clarified? It seems a bit naf and leads to
> confusing code IMO.

There is no such thing as an instruction fetch (a read) causing a
modification to the mapping. From this point of view, you'd never
expect to see them both set.

However, be aware that INSTR is only reported for NX || SMEP. Without
either, instruction vs data accesses are distinguished internally (can
be demonstrated with SMAP) but not visible in the pagefault error code.

~Andrew

Next message: Marc Zyngier: "Re: [PATCH v3 11/11] arm64: dts: Add Pensando Elba SoC support"
Previous message: Francesco Dolcini: "Re: [PATCH v3 3/7] PCI: imx6: Fix the regulator dump when link never came up"
In reply to: Peter Zijlstra: "Re: [PATCH v2 3/5] x86/mm: check exec permissions on fault"
Next in thread: Dave Hansen: "Re: [PATCH v2 3/5] x86/mm: check exec permissions on fault"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]