Hello,

2016-07-08 17:43 GMT+09:00 Justus Winter <jus...@gnupg.org>:
> Hi :)
>
> Masanori Ogino <masanori.og...@gmail.com> writes:
>> How about this patch?
>> Did I share this with you in a wrong way, or is it simply useless?
>>
>> 2016-06-18 22:04 GMT+09:00 Masanori Ogino <masanori.og...@gmail.com>:
>>> As described in XXX comments, the workaround for memory mapping is
>>> implemented for 80386 and it is unnecessary on i486 or later. Thus, it
>>> is safe to omit that if the kernel is built for the recent (1989~)
>>> processors.
>
> Sweet, thanks for the patch. I included it in my builds, and it seems
> good. However, I did not understand the change in detail, could you
> motivate it a little? Or if others agree with the change, I'll merge
> it.
OK. Let me explain it.

According to the comment in pmap.c, line 1715 and below, i386 ignores the read-write bit of page table entries (PTEs) in kernel (a.k.a. supervisor or privileged) mode. This is why pmap_protect (pmap.c, line 1684~) and pmap_enter (pmap.c, line 1791~) treat the combination of read-only mode and kernel mode as a special case. Moreover, kernel_trap (trap.c, line 1521~) has to try read-write access to pmap first when a page fault occurs.

(I couldn't find any page describing the i386 bug, though. Probably there were certain revisions with the bug but the others worked fine.)

The patch is intended to remove the workaround, to use hardware write-protection properly in kernel mode on recent processors, and it might boost performance.

Anyway, I found a bug in the patch now; the vm_fault call in trap.c, line 235 should check whether (code & T_PF_WRITE) is set or not on i486 or later. In other words, `VM_PROT_READ|VM_PROT_WRITE` in line 237 should be `(code & T_PF_WRITE) ? VM_PROT_READ|VM_PROT_WRITE : VM_PROT_READ` on recent processors. I will share the v2 patch after checking the code again.

-- 
Masanori Ogino
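To make the difference between the two fault-handling paths concrete, here is an added toy model written for this thread; it is not code from the Mach/Hurd tree. It keeps the names `T_PF_WRITE`, `VM_PROT_READ` and `VM_PROT_WRITE` from the discussion but assigns them illustrative values, and `toy_vm_fault` is a stand-in for the real `vm_fault` that simply checks whether a page's protection covers the requested access. `resolve_fault_i386` mirrors the workaround described above (try read-write first, then fall back to read), while `resolve_fault_i486` derives the requested access from the fault error code as the v2 patch intends.

```c
#include <stdbool.h>
#include <stdio.h>

/* Names as used in the thread; the values are illustrative (assumed), not
 * copied from the kernel headers. */
#define T_PF_WRITE    0x2   /* page-fault error code: access was a write */
#define VM_PROT_NONE  0x0
#define VM_PROT_READ  0x1
#define VM_PROT_WRITE 0x2

/* Toy stand-in for vm_fault(): succeed iff the page's protection covers
 * every permission the caller asks for. */
static bool toy_vm_fault(int page_prot, int requested)
{
    return (page_prot & requested) == requested;
}

/* Workaround path (i386): the hardware gives no trustworthy read/write
 * distinction in kernel mode, so the handler asks for read-write first and
 * only then retries with read-only. Returns the protection granted. */
static int resolve_fault_i386(int page_prot, int code)
{
    (void)code; /* error code deliberately ignored on this path */
    if (toy_vm_fault(page_prot, VM_PROT_READ | VM_PROT_WRITE))
        return VM_PROT_READ | VM_PROT_WRITE;
    if (toy_vm_fault(page_prot, VM_PROT_READ))
        return VM_PROT_READ;
    return VM_PROT_NONE;
}

/* Proposed path (i486 and later): request exactly the access that faulted,
 * as decided by T_PF_WRITE, in a single vm_fault call. */
static int resolve_fault_i486(int page_prot, int code)
{
    int requested = (code & T_PF_WRITE) ? (VM_PROT_READ | VM_PROT_WRITE)
                                        : VM_PROT_READ;
    return toy_vm_fault(page_prot, requested) ? requested : VM_PROT_NONE;
}

int main(void)
{
    /* Constructed cases: (page protection, fault error code). */
    struct { const char *what; int prot; int code; } cases[] = {
        { "kernel write to read-only page", VM_PROT_READ, T_PF_WRITE },
        { "kernel read  of read-only page", VM_PROT_READ, 0 },
        { "kernel read  of read-write page", VM_PROT_READ | VM_PROT_WRITE, 0 },
    };
    for (unsigned i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-32s i386 grants %d, i486 grants %d\n", cases[i].what,
               resolve_fault_i386(cases[i].prot, cases[i].code),
               resolve_fault_i486(cases[i].prot, cases[i].code));
    return 0;
}
```

Two things stand out from the output. A kernel write that faults on a read-only page is reported as a protection failure (`VM_PROT_NONE`) only on the i486 path; the workaround path silently settles for read access because it never learns the access was a write. Conversely, a plain read fault on a read-write page makes the workaround path request write permission it did not need, which is exactly the over-request the `(code & T_PF_WRITE)` check avoids.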