On 10/25/21 10:51 AM, Nadav Amit wrote:

quoted

On Oct 25, 2021, at 10:45 AM, Dave Hansen [off-list ref] wrote:
On 10/25/21 9:19 AM, Nadav Amit wrote:

quoted

That was my first version, but I was concerned that perhaps there is
some strange scenario in which both X86_PF_WRITE and X86_PF_INSN can
be set. That is the reason that Peter asked you whether this is
something that might happen.

If you confirm they cannot be both set, I would the version you just
mentioned.

I'm pretty sure they can't be set together on any sane hardware.  A
bonkers hypervisor or CPU could do it of course, but they'd be crazy.

BTW, feel free to add a WARN_ON_ONCE() if WRITE and INSN are both set.
That would be a nice place to talk about the assumption.

I can do that. But be aware that if the assumption is broken, it might
lead to the application getting stuck in an infinite loop of
page-faults instead of receiving SIGSEGV.

If we have a bonkers hypervisor/CPU, I'm OK with a process that hangs
like that, especially if we can ^C it and see its stream of page faults
with tracing or whatever.

Couldn't we just also do:

	if ((code & (X86_PF_WRITE|X86_PF_INSN) ==
                    (X86_PF_WRITE|X86_PF_INSN)) {
		WARN_ON_ONCE(1);
		return 1;
	}

That should give you the WARN_ON_ONCE() and also return an affirmative
access_error(), resulting in a SIGSEGV.

(I'm not sure I like the indentation as I wrote it here... just do what
looks best in the code)