And I should have prefaced this with: the reason we have to use PKU is
because it's the only way we can get a read-deny bit on Intel, that
still allows instruction fetches. Otherwise, PROT_EXEC implies PROT_READ.
Dave Voutila writes:
> Marc Espie writes:
>
>> I'm curious about the new
Marc Espie writes:
> I'm curious about the new enforcement strategies. Unfortunately I'm a bit
> lost in the 1000+ pages of the intel manual.
The protection keys documentation is thin because it's just another
layer in the rules for paging. I'll try to summarize and I'm sure
someone will
On Tue, Jan 31, 2023 at 11:27:17AM +0100, Marc Espie wrote:
> I'm curious about the new enforcement strategies. Unfortunately I'm a bit
> lost in the 1000+ pages of the intel manual.
>
> Could someone point me to the document that describes PKU, specifically ?
Well the intel SDM is surely the