Hi Dave, On Wed, Aug 08, 2018 at 08:54:37AM -0700, Dave Hansen wrote: > One bit of information missing from the changelog: Could you clarify how > there are any entries in the user page tables for the code to complain? > Before pti_init(), I would have expected the user page tables to be empty. The W+X check runs at the end of mark_readonly() in x86, which is after pti_init() already put kernel mappings into the user page-table. Problem is that the cloned entries are still W+X mapped, which is fixed in pti_finalize() running _after_ mark_readonly(). Regards, Joerg
