On Thu, Nov 9, 2017 at 4:57 PM, Dave Hansen <dave.han...@linux.intel.com> wrote: > On 11/09/2017 04:53 PM, Andy Lutomirski wrote: >>> The KAISER code attempts to "poison" the user portion of the kernel page >>> tables. It detects the entries pages that it wants that it wants to >>> poison in two ways: >>> * Looking for addresses >= PAGE_OFFSET >>> * Looking for entries without _PAGE_USER set >> What do you mean "poison"? > > I meant the _PAGE_NX magic that we do in here: > > https://git.kernel.org/pub/scm/linux/kernel/git/daveh/x86-kaiser.git/commit/?h=kaiser-414rc7-20171108&id=c4f7d0819170761f092fcf2327b85b082368e73a > > to ensure that userspace is unable to run on the kernel PGD.
Aha, I get it. Why not just drop the _PAGE_USER check? You could instead warn if you see a _PAGE_USER page that doesn't have the correct address for the vsyscall.
