Subject: Re: bad effect of keeping page table mapped in user space ?
To: None <tech-kern@netbsd.org>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: tech-kern
Date: 11/27/2007 10:23:17

On Tue, Nov 27, 2007 at 07:50:31AM +0100, Joerg Sonnenberger wrote:
> On Tue, Nov 27, 2007 at 12:35:46AM +0100, Manuel Bouyer wrote:
> > The current code (for Xen) fills in the L4 PTE entry on pmap_map_ptes()
> > and clears it on pmap_unmap_ptes() through hypercalls. This makes pmap_extract()
> > really, really slow (like 10x slower). So my question about keeping the L4 PTE
> > entry valid on return to userspace, which makes it possible for a user process
> > to read its PTE entries (not write: an active page table is always mapped
> > read-only). I don't see a problem with it, but I may be missing something.
> 
> Can it also read the kernel page table? I don't see a problem with a
> userland program reading the page mapping of itself. IIRC it can do that
> using other means as well. What would be a possible issue is if it can
> look at parts of the "kernel" map.

No, in Xen/amd64 the kernel map is never loaded in userland page tables.

-- 
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
     NetBSD: 26 years of experience will always make the difference
--