On Sat, Oct 16, 2021 at 6:54 PM Samuel Thibault <samuel.thiba...@gnu.org> wrote:
> Indeed, since it's the region that remembers which protection was
> allowed, we need a proxy there to enforce them.

Right, that's also a good point. max_proection can be less than 7 even
if there never was a proxy. That is, one can do

vm_map (some_other_task, memobj, VM_PROT_READ, VM_PROT_READ);

and expect some_other_task to never get write access to the object.

Sergey

Reply via email to