Re: Do x86 NX and AMD prefetch check cause page fault infinite loop?
From: Jamie Lokier
Date: Thu Jul 01 2004 - 10:06:21 EST
Ingo Molnar wrote:
> -#ifdef CONFIG_X86_PAE
> - {
> - pgd_t *pgd;
> - pmd_t *pmd;
> - pgd = init_mm.pgd + pgd_index(address);
> - if (pgd_present(*pgd)) {
> - pmd = pmd_offset(pgd, address);
> - if (pmd_val(*pmd) & _PAGE_NX)
> - printk(KERN_CRIT "kernel tried to access NX-protected page - exploit attempt? (uid: %d)\n", current->uid);
> - }
> - }
> -#endif
> + if (nx_enabled && (error_code & 16))
> + printk(KERN_CRIT "kernel tried to execute NX-protected page - exploit attempt? (uid: %d)\n", current->uid);
According to AMD's manual, bit 4 of error_code means the fault was due
to an instruction fetch. It doesn't imply that it's an NX-protected
page: it might be a page not present fault instead. (The manual
doesn't spell that out, it just says the bit is set when it's an
instruction fetch).
Just so you realise that the above code fragments aren't logically
equivalent.
-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/