Received: by 2002:a05:6a10:5bc5:0:0:0:0 with SMTP id os5csp422846pxb; Mon, 25 Oct 2021 10:54:19 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyTN3a+tT4Y3fI71FKNCaILtz4frxmo6je2Km0vOE+o4wZbG4Q/2RIHsKIqgzoxU9pKHLR/ X-Received: by 2002:a17:906:fb11:: with SMTP id lz17mr19786079ejb.385.1635184459639; Mon, 25 Oct 2021 10:54:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635184459; cv=none; d=google.com; s=arc-20160816; b=gqwxB/EQCNYZ5qqrkOFNH6Hnfxvv5AVFAqCC+b3EL8jYTCkBEioP2M2jCGUzh+IVr7 evBpLHnPTaSNNqt+ULCXTXSJwSPwpQ1IzfFFPBNhaQBqgALRDGiAcVuHGiW7geBUONZ8 4dHA+A1iPVHFH7NcBzL+/4gnvL6IZMhi6v7mSsIXJZZHaaDa5WumjhiayBPH6odAS8kT NHd14m5KbaparJgfzbNvNeIJodqn6oOl19W9aUBKrrYyp7kcQJ20fQ9nmGFDJoH3KR+J 15FLoXjhNHiykLU4FIl1/sy0UlSU/hOLIhe+XpN732PZoB+7jr23WIePGRr3XcLMffxz hBiQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:to:references:message-id :content-transfer-encoding:cc:date:in-reply-to:from:subject :mime-version:dkim-signature; bh=5prfJR+SMuTNMmFlD4bpo+k6mYbGEspWL5jfk2x5rH0=; b=iA9NpjnHXEDDfMhh266tOXb8RdDokInXdEDmGk2lsFstqgZLBY7AwFb395GfHbhdLy um1Z7uAPrhQUlJ4icuBZEvASK46iaV1jSijpu2S2oY1qpaH4liI/S49IHC/VtQo/fZPw /PZjc2gksGsNzy9PudpgPHwPMgFCJFB8n+DVZ5rjGTAN8mniikAK2sPZEt+wByBg6XAx tuWzmCLPx4IYsbD0B0xLuPknFplYqOUjqtKcQt8A1dumDaXovS8/tlk5tOOGdCOasHA9 SBIBtEEtNmD1GJvCkyZ1fcvpB5Pw+XXnD958W7mjBH0C6ic2b0Jv8iq9wVR02Ahvlza8 I8Og== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=XOE89h3u; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id r23si14964599edq.219.2021.10.25.10.53.55; Mon, 25 Oct 2021 10:54:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b=XOE89h3u; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232026AbhJYRxt (ORCPT + 99 others); Mon, 25 Oct 2021 13:53:49 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59314 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233400AbhJYRxs (ORCPT ); Mon, 25 Oct 2021 13:53:48 -0400 Received: from mail-pj1-x102d.google.com (mail-pj1-x102d.google.com [IPv6:2607:f8b0:4864:20::102d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D3C13C061745 for ; Mon, 25 Oct 2021 10:51:24 -0700 (PDT) Received: by mail-pj1-x102d.google.com with SMTP id na16-20020a17090b4c1000b0019f5bb661f9so673427pjb.0 for ; Mon, 25 Oct 2021 10:51:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=5prfJR+SMuTNMmFlD4bpo+k6mYbGEspWL5jfk2x5rH0=; b=XOE89h3ulpAhTyvxVCcfsW2KXYLgsMV1TzlwgrULwsnmzjvi9cp+/YSdP1OTeMTiNl TPbYNfa5ROftjN2crbZ81MkCcF8qtDPowfnAwBNUYTbQPXhVgbvWpij4h9zt0kfrpvAw RdWh6uJ+T5mBiDl9q7YeOCNoMu8eDZlK50ItCFiaxCWc+rHv2hTD7Fq5OThg3x2pjJ8T wKKiZM/22kY1twjTYE1qB8pUpsSxXu7M86AJwdnqvetN5+VxqP8C5UbgfZAYBOODZOsp CJAabm4eafSwkQhI5wqACR9ruzEiECStILXJ8POEjcNjz6GV53fPh8H1pRUNzP63MiI9 p/wQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=5prfJR+SMuTNMmFlD4bpo+k6mYbGEspWL5jfk2x5rH0=; b=G2lxeapAPbtsm+hnlQpAXJ9PMWj1O8VySHb9mY1tl/+ph7mxXkgBAmZYWBWu0Lj9hX ouslsAdC+ZMU1xOc6/r4kEDNZ2Ogp8RodXSqItUpBlsdoVDtK+40IiREWRQ6xl4UZWXi P8JAIdRxh9t8JCi3aEr4Cu7hLOymhxzlHc2X6QSyet2UJTufxkkVBkp6tKRCbkw/5fln YTXVg5Ug3c8wuDTxTYJNh2uNM6CsfQGsZL/ee0S/OE//hRfVhq2m1D5i6ujpDtMv+CuT ++lEovN2IzrMcLP0SatdLQQJbUWwAAk8tRM1/ssp8Df4bCEug9lv/pt0Isu3JYZ5y48t Xqxw== X-Gm-Message-State: AOAM533O71Msg3+WC498+ShiGYa/vZE/j1zZLsN1Sotw090pbAHYUgQm +6E1OzVCGuwePUy9+QSKsMs= X-Received: by 2002:a17:902:ce82:b0:140:266e:df73 with SMTP id f2-20020a170902ce8200b00140266edf73mr18069201plg.0.1635184284100; Mon, 25 Oct 2021 10:51:24 -0700 (PDT) Received: from smtpclient.apple (c-24-6-216-183.hsd1.ca.comcast.net. [24.6.216.183]) by smtp.gmail.com with ESMTPSA id i12sm17141581pgd.56.2021.10.25.10.51.22 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 25 Oct 2021 10:51:23 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.120.0.1.13\)) Subject: Re: [PATCH v2 3/5] x86/mm: check exec permissions on fault From: Nadav Amit In-Reply-To: <37d0b84c-f6ca-15cb-8d78-b6b5a9496da7@intel.com> Date: Mon, 25 Oct 2021 10:51:21 -0700 Cc: Linux-MM , LKML , Andrea Arcangeli , Andrew Cooper , Andrew Morton , Andy Lutomirski , Dave Hansen , Peter Xu , Peter Zijlstra , Thomas Gleixner , Will Deacon , Yu Zhao , Nick Piggin , x86@kernel.org Content-Transfer-Encoding: 7bit Message-Id: References: <20211021122112.592634-1-namit@vmware.com> <20211021122112.592634-4-namit@vmware.com> <00C2DC4B-A77D-4B32-B7F7-2291830BC2D2@gmail.com> <37d0b84c-f6ca-15cb-8d78-b6b5a9496da7@intel.com> To: Dave Hansen X-Mailer: Apple Mail (2.3654.120.0.1.13) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Oct 25, 2021, at 10:45 AM, Dave Hansen wrote: > > On 10/25/21 9:19 AM, Nadav Amit wrote: >> That was my first version, but I was concerned that perhaps there is >> some strange scenario in which both X86_PF_WRITE and X86_PF_INSN can >> be set. That is the reason that Peter asked you whether this is >> something that might happen. >> >> If you confirm they cannot be both set, I would the version you just >> mentioned. > > I'm pretty sure they can't be set together on any sane hardware. A > bonkers hypervisor or CPU could do it of course, but they'd be crazy. > > BTW, feel free to add a WARN_ON_ONCE() if WRITE and INSN are both set. > That would be a nice place to talk about the assumption. > I can do that. But be aware that if the assumption is broken, it might lead to the application getting stuck in an infinite loop of page-faults instead of receiving SIGSEGV.