On 04/30/2018 12:51 AM, Ram Pai wrote:
> /*
> * Look for a protection-key-drive execute-only mapping
> * which is now being given permissions that are not
> * execute-only. Move it back to the default pkey.
> */
> if (vma_is_pkey_exec_only(vma) && (prot != PROT_EXEC)) <--------
> return ARCH_DEFAULT_PKEY;
>
> /*
> * The mapping is execute-only. Go try to get the
> * execute-only protection key. If we fail to do that,
> * fall through as if we do not have execute-only
> * support.
> */
> if (prot == PROT_EXEC) {
> pkey = execute_only_pkey(vma->vm_mm);
> if (pkey > 0)
> return pkey;
> }
Yes, that would also work. It's just a matter of whether you prefer
having the prot==PROT_EXEC checks in one place or two. I'd rather leave
it the way I've got it unless there are major objections since it's been
tested.
