On 10/07/2015 01:39 PM, Andy Lutomirski wrote: > On Wed, Oct 7, 2015 at 1:24 PM, Dave Hansen <dave@xxxxxxxx> wrote: >> On 10/03/2015 01:17 AM, Ingo Molnar wrote: >>> Right now the native x86 PTE format allows two protection related bits for >>> user-space pages: >>> >>> _PAGE_BIT_RW: if 0 the page is read-only, if 1 then it's read-write >>> _PAGE_BIT_NX: if 0 the page is executable, if 1 then it's not executable >>> >>> As discussed previously, pkeys allows 'true execute only (--x)' mappings. >>> >>> Another possibility would be 'true write-only (-w-)' mappings. >> >> How would those work? >> >> Protection Keys has a Write-Disable and an Access-Disable bit. But, >> Access-Disable denies _all_ data access to the region. There's no way >> to allow only writes. > > Weird. I wonder why Intel did that. > > I also wonder whether EPT can do write-only. The SDM makes it look that way. There appear to be completely separate r/w/x bits. r=0/w=0/x=0 means !present. The bit 0 definition says, for instance: Read access; indicates whether reads are allowed from the 4-KByte page referenced by this entry -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>