On 11/21/2017 02:46 PM, Andy Lutomirski wrote: >> GDT: R/O TSS: R/W at least because of trampoline stack entry code: >> EXEC+R/O exception stacks: R/W > Can you avoid code duplication by adding some logic right after the > kernel cpu_entry_area is set up to iterate page by page over the PTEs > in the cpu_entry_area for that CPU and just install exactly the same > PTEs into the kaiser table? E.g. just call kaiser_add_mapping once > per page but with the parameters read out from the fixmap PTEs > instead of hard coded?
Yes, we could do that. But, what's the gain? We end up removing effectively three (long) lines of code from three kaiser_add_mapping() calls. To do this, we need to special-case the kernel page table walker to deal with PTEs only since we can't just grab PMD or PUD flags and stick them in a PTE. We would only be able to use this path when populating things that we know are 4k-mapped in the kernel. I guess the upside is that we don't open-code the permissions in the KAISER code that *have* to match the permissions that the kernel itself established. It also means that theoretically you could not touch the KAISER code the next time we expand the cpu entry area.
