Re: Do x86 NX and AMD prefetch check cause page fault infinite loop?

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Jamie Lokier <jamie@shareable.org>
To: Ingo Molnar <mingo@elte.hu>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Do x86 NX and AMD prefetch check cause page fault infinite loop?
Date: Wed, 30 Jun 2004 15:21:16 +0100	[thread overview]
Message-ID: <20040630142116.GC29285@mail.shareable.org> (raw)
In-Reply-To: <20040630055041.GA16320@elte.hu>

Ingo Molnar wrote:
> i understand what you mean, but for this to trigger one would have to
> trigger the prefetch erratum _and_ then turn off executability in
> parallel, right? So the question is, is there a reliable way to trigger
> the pagefault situation, and if yes, how do you turn on NX - because
> right before the fault the instruction had to be executable.

No need for anything in parallel.

I think you can trigger it by jumping to a non-PROT_EXEC page where
the target address is a prefetch -- or by falling through from the end
of a PROT_EXEC page to a non-PROT_EXEC one.

To be sure both cases are obscure, but the resulting loop is still wrong.

Who knows, perhaps internal conditions of the chip prevent these
particular prefetches from triggering the fault.  After all, we're
told that on returning from the fault handler, the prefetch won't
fault again, and it's not obvious why that should be.  It'd be very
subtle though, and deserve a comment.

-- Jamie

next prev parent reply	other threads:[~2004-06-30 14:23 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-06-30  1:38 Do x86 NX and AMD prefetch check cause page fault infinite loop? Jamie Lokier
2004-06-30  5:50 ` Ingo Molnar
2004-06-30 14:21   ` Jamie Lokier [this message]
2004-06-30 14:38   ` Jamie Lokier
2004-07-01  1:48     ` Jamie Lokier
2004-07-01  6:32       ` Ingo Molnar
2004-07-01 15:04         ` Jamie Lokier
2004-07-02  7:15           ` Ingo Molnar
2004-07-02  8:50           ` [patch] i386 nx prefetch fix & cleanups, 2.6.7-mm5 Ingo Molnar
2004-06-30  6:10 ` Do x86 NX and AMD prefetch check cause page fault infinite loop? Denis Vlasenko
2004-06-30 14:23   ` Jamie Lokier

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20040630142116.GC29285@mail.shareable.org \
    --to=jamie@shareable.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@elte.hu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox