On 11/3/24 11:35, Kumar Kartikeya Dwivedi wrote:
> Currently, on x86, when SMAP is enabled, and a page fault occurs in
> kernel mode for accessing a user address, the kernel will rightly panic
> as no valid kernel code can cause such a page fault (unless buggy).
> There is no valid correct kernel code that can generate such a fault,
> therefore this behavior would be correct.
>
> BPF programs that currently encounter user addresses when doing
> PROBE_MEM loads (load instructions which are allowed to read any kernel
> address, only available for root users) avoid a page fault by performing
> bounds checking on the address. This requires the JIT to emit a jump
> over each PROBE_MEM load instruction to avoid hitting page faults.

To be honest, I think the overhead (and complexity) is in the right spot
today: the BPF program. I don't want to complicate the x86 page fault
handler for a debugging feature that already has a functional solution
today.
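As an added illustration (not code from this thread or from the kernel's JIT), a user-space C model of the bounds check the quoted text says the JIT emits before each PROBE_MEM load: a conservative compare against the user/kernel boundary, with the load skipped and the destination zeroed whenever the address could be a user address. USER_LIMIT, GUARD_PAGE, KERN_BASE and kern_mem are constructed stand-ins for this example, not kernel values.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed stand-ins, not kernel constants: addresses below USER_LIMIT
 * are "user" addresses that a PROBE_MEM load must never touch, because
 * with SMAP a kernel-mode access there would fault and panic. */
#define USER_LIMIT  0x00007fff00000000ULL  /* plays the role of TASK_SIZE_MAX */
#define GUARD_PAGE  0x1000ULL              /* plays the role of PAGE_SIZE */

/* Constructed "kernel" memory: a small buffer pretending to live at
 * KERN_BASE in the kernel half of the address space. */
#define KERN_BASE   0xffff888000000000ULL
static uint8_t kern_mem[64] = { 0x78, 0x56, 0x34, 0x12 };

/* Model of the check emitted around one PROBE_MEM load of `size` bytes
 * from src_reg + off into *dst.
 * Returns 0 if the load was performed, 1 if the bounds check skipped it
 * (dst zeroed, as the JIT does), -1 if the address is outside this
 * example's simulated kernel memory (dst also zeroed). */
int probe_mem_load(uint64_t src_reg, int32_t off, unsigned size, uint64_t *dst)
{
    uint64_t addr = src_reg + (uint64_t)(int64_t)off;

    *dst = 0;
    /* Conservative check: the access must start past the guard page above
     * the user limit and must not wrap around the top of the address space. */
    if (addr < USER_LIMIT + GUARD_PAGE || addr + size < addr)
        return 1;
    /* In the real JIT this is a plain MOV; here we can only read the
     * constructed buffer. */
    if (size > 8 || addr < KERN_BASE || addr + size > KERN_BASE + sizeof kern_mem)
        return -1;
    memcpy(dst, kern_mem + (addr - KERN_BASE), size);  /* little-endian host assumed */
    return 0;
}

int main(void)
{
    uint64_t v;
    int rc = probe_mem_load(0x00007ffc00001000ULL, 0, 8, &v);
    printf("user address:   rc=%d value=%llu\n", rc, (unsigned long long)v);
    rc = probe_mem_load(KERN_BASE, 0, 4, &v);
    printf("kernel address: rc=%d value=0x%llx\n", rc, (unsigned long long)v);
    return 0;
}
```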