[12748] in bugtraq
Page table protection on Intel
daemon@ATHENA.MIT.EDU (Jason Spence)
Fri Nov 26 20:46:22 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <383F04D9.C55A8B70@technologist.com>
Date: Fri, 26 Nov 1999 14:08:25 -0800
Reply-To: Jason Spence <thalakan@TECHNOLOGIST.COM>
From: Jason Spence <thalakan@TECHNOLOGIST.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In followup to the discussion about page protection on the
Intel architecture, I got out a copy of the Linux kernel
source and started poking through it. There's a comment in
include/asm-i386/pgtable.h with all the #defines for the
bit values in the protected mode pages which says that
the x86 can't distinguish between execute and read for pages.
It also says that write permissions imply read permissions.
Looking at it more closely, I don't think that it is
feasable to efficiently do either write-only or
read-but-not-execute in the x86's page table system.
Go get a copy of the latest revision of the Intel
software developer's manual, section 3, and look at page
3-14, which lays out the protection rules for *segments*,
not pages. There is no execute protection for individual
pages, only write protection.
