On Feb 9, 2016 6:24 AM, "Ingo Molnar" <mingo@xxxxxxxxxx> wrote: > > > * Matthew Wilcox <willy@xxxxxxxxxxxxxxx> wrote: > > > > I sure hope not. If vm_page_prot was writable, something was already broken, > > > because this is the vvar mapping, and the vvar mapping is VM_READ (and not > > > even VM_MAYREAD). > > > > I do beg yor pardon. I thought you were inserting a readonly page into the > > middle of a writable mapping. Instead you're inserting a non-executable page > > into the middle of a VM_READ | VM_EXEC mapping. Sorry for the confusion. I > > should have written: > > > > "like your patch ends up mapping the HPET into userspace executable" > > > > which is far less exciting. > > Btw., a side note, an executable HPET page has its own dangers as well, for > example because it always changes in value, it can probabilistically represent > 'sensible' (and dangerous) executable x86 instructions that exploits can return > to. > > So only mapping it readable (which Andy's patch attempts I think) is worthwile. The whole vma is readable but not executable, so I don't think this was a problem. It's also at a randomized address, which helps. --Andy -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx </a>