understanding problems with page protection mechanism

[MNemo]

hi,

up to now i mapped every page as writable. i.e. i set the writable bit in every paging entry(pml4e,pdpe,pde,pte). so far no problem.
but now i like to take more advantages of the page protection mechanism.

AMD's System Programming Manual reads:

This bit controls read/write access to all physical pages mapped by the
table entry. For example, a page-map level-4 R/W bit controls read/write access to all 128M
(512 × 512 × 512) physical pages it maps through the lower-level translation tables.

i am confused. each page is mapped via four levels, that means each page has four R/W bits. but which one is taken for protection?

e.g.
a page may be mapped like this: pml4e.writable, pdpe.not_writable, pde.writable, pte.not_writable
is the page writable or is it not? and why? and what is when the page is
mapped like this: pml4e.not_writable, pdpe.writable, pde.not_writable, pte.writable?

thanks for your help

[Brendan]

Hi,

i am confused. each page is mapped via four levels, that means each page has four R/W bits. but which one is taken for protection?

All of them ANDed together. Basically if any read/write bit is clear at any level, then CPL=3 code can't write to the page.

e.g.
a page may be mapped like this: pml4e.writable, pdpe.not_writable, pde.writable, pte.not_writable
is the page writable or is it not? and why?

It's not writable because the at least one of the bits says "not writable".

and what is when the page is
mapped like this: pml4e.not_writable, pdpe.writable, pde.not_writable, pte.writable?

It's not writable either, because the at least one of the bits says "not writable".

The same applies to the user/supervisor flag (if any user/supervisor bit is clear at any level, then CPL=3 code can't access the page). The "no-execute" flag is different - they're ORed together (if any NX bit at any level is set, then you can't execute code in that page).


Cheers,

Brendan

[MNemo]

ok.
thx for your answer and the quick replay