Emulating cpu page protection in userspace

Arun KS getarunks at gmail.com
Thu May 16 03:51:30 EDT 2013


Hi Manish,

On Thu, May 16, 2013 at 4:01 AM, Manish Katiyar <mkatiyar at gmail.com> wrote:
> Hi,
>
> This is really not a linux kernel question, but I guess there are enough OS
> specialists on this thread that someone can point me in the right direction.
>
> Some context
> ----------------------
> On normal hardware machines its possible to change the page table flags to
> make a particular 4K page area as readonly or readwrite. This is generally
> used for protecting against memory corruptions. Now even if you have
> READONLY flags set in the page table, its possible to change the control
> register of a particular cpu (in a multicore system) such that, that cpu
> will not cause a fault/trap if you try to modify the contents of the page.
> What this means is let's say I have 4 cpus, and I change the control
> register on cpu-1, only cpu-1 will see the page as readwrite and others will
> see it as readonly.
>
> I've seen that this behavior is honoured in virtualised vmware environments
> too, so I'm assuming that this cpu behavior is getting simulated somehow.
>
> My problem is that I want to simulate the same behavior in userspace, where
> my 4 cpus map to 4 pthreads. I change the permissions of my memory area
> using mprotect() but then I also want to have a similar capability where I
> can flip/change something in one of the threads and that thread should be
> able to modify the region, while for other pthreads it is still a readonly
> page.

I dont think it is possible. Because, if you ask mprotect() to make
some page as writable which was already made as Readonly by some other
process, you will get an EACCES error.

Of course anything is possible in software, you can hack your kernel
to edit the page table of processes in such a way that, the one
running in cpu0 to be only read only. Because each process has their
on page table. But you have to set the cpu affinity so that the
process will not jump to the any other core.

Warning: ARM warns of unpredictable behavior for dual mapping of same memory.

Thanks,
Arun

> Any suggestions how vmware or other virtualised environments do this, or is
> this even possible ? Any pointers to the code is appreciated. (Sorry no
> locking/synchronisation solutions pls).
>
> --
> Thanks -
> Manish
>
> _______________________________________________
> Kernelnewbies mailing list
> Kernelnewbies at kernelnewbies.org
> http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
>



More information about the Kernelnewbies mailing list