On Fri, 5 Aug 2022 at 18:33, Ilya Leoshkevich <i...@linux.ibm.com> wrote: > > After mprotect(addr, PROT_NONE), addr can still be executed if there > are cached translations. Drop them. > > Signed-off-by: Ilya Leoshkevich <i...@linux.ibm.com> > --- > accel/tcg/translate-all.c | 17 ++++++++++++----- > 1 file changed, 12 insertions(+), 5 deletions(-) > > diff --git a/accel/tcg/translate-all.c b/accel/tcg/translate-all.c > index ef62a199c7..9318ada6b9 100644 > --- a/accel/tcg/translate-all.c > +++ b/accel/tcg/translate-all.c > @@ -2295,12 +2295,19 @@ void page_set_flags(target_ulong start, target_ulong > end, int flags) > len != 0; > len -= TARGET_PAGE_SIZE, addr += TARGET_PAGE_SIZE) { > PageDesc *p = page_find_alloc(addr >> TARGET_PAGE_BITS, 1); > + bool write_set, read_cleared; > > - /* If the write protection bit is set, then we invalidate > - the code inside. */ > - if (!(p->flags & PAGE_WRITE) && > - (flags & PAGE_WRITE) && > - p->first_tb) { > + /* > + * If the write protection bit is set, then we invalidate the code > + * inside. > + */ > + write_set = !(p->flags & PAGE_WRITE) && (flags & PAGE_WRITE); > + /* > + * If PAGE_READ is cleared, we also need to invalidate the code in > + * order to force a fault when trying to run it. > + */ > + read_cleared = (p->flags & PAGE_READ) && !(flags & PAGE_READ);
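Review bot: the comment kept above `write_set` ("If the write protection bit is set, then we invalidate the code inside") does not describe the condition it now labels, which fires when a page that was not writable (`!(p->flags & PAGE_WRITE)`) is being made writable (`flags & PAGE_WRITE`); reword it to say that write permission is being added to a page that had none, so the two new flag transitions read consistently with `read_cleared`. The hunk is cut off before the `if` that consumes `write_set` and `read_cleared`; the removed lines guarded invalidation with `p->first_tb`, and the combined condition should keep that guard so pages with no cached translations are not invalidated needlessly.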
Isn't it architecture-dependent whether you need PAGE_READ to execute code? How about PAGE_EXEC?

thanks
-- PMM