On Sat, Oct 16, 2021 at 6:54 PM Samuel Thibault <samuel.thiba...@gnu.org> wrote: > Indeed, since it's the region that remembers which protection was > allowed, we need a proxy there to enforce them.
Right, that's also a good point. max_proection can be less than 7 even if there never was a proxy. That is, one can do vm_map (some_other_task, memobj, VM_PROT_READ, VM_PROT_READ); and expect some_other_task to never get write access to the object. Sergey