> On Jan 5, 2018, at 11:28 AM, Borislav Petkov <b...@alien8.de> wrote: > >> On Fri, Jan 05, 2018 at 11:22:21AM -0800, Andy Lutomirski wrote: >> It's emulated! We catch the page fault and fake the whole thing :) > > Then I'm really confused. It says "ro" above, which means _PAGE_RW is > not set so page is read-only. > > I must be missing something... >
It's meant to be read-only, user-acccessible, NX as far as the CPU is concerned. When user code calls it, we get an instruction fetch fault, and the kernel fixes it up. > -- > Regards/Gruss, > Boris. > > Good mailing practices for 400: avoid top-posting and trim the reply.
