Solved: Inconsistency between sections 4.6.1 and 4.6.2 Vol 3A (Paging)

Mohan__Vish · ‎02-16-2016

I am writing to point out (what looks to me) an inconsistency between sections 4.6.1(Access Rights) and Section 4.6.2 (Protection Keys) in Vol 3A.

Order Number: 325462-057US
December 2015

1. Reading 4.6.1 suggests that a supervisor mode data write to a user mode address when smap=0 and wp=0 is not allowed for those user mode addresses whose protection keys do not allow write access.

2. Reading 4.6.2 suggests that if wp=0, WDi has no effect on a supervisor mode write access to a user mode access for protection key i.

Any clarification is appreciated.

From 4.6.1:

Data writes to user-mode addresses.
Access rights depend on the value of CR0.WP:
• If CR0.WP = 0, access rights depend on the value of CR4.SMAP:
— If CR4.SMAP = 0, data may be written to any user-mode address with a protection key for which
write access is permitted.

From 4.6.2 :

Use of the protection key i of a user-mode address depends on the value of the PKRU register:

........

Supervisor-mode write accesses are not permitted if CR0.WP = 1. (If CR0.WP = 0, WDi does not affect
supervisor-mode write accesses to user-mode addresses with protection key i.)

David_K_Intel2 · ‎02-22-2016

Section 4.6.1 does not specify how protection keys are used to determine if an access is permitted. Instead, Section 4.6.1 refers to the conditions when protection keys are used to determine if an access is permitted. In the example “data may be written to any user-mode address with a protection key for which write access is permitted” specifies that protection keys is used in this case.

The exact conditions how protection keys are used to determine if an access is permitted is given exclusively on Section 4.6.2. The relevant portion of 4.6.2 specify:

Use of the protection key i of a user-mode address depends on the value of the PKRU register:

If ADi = 1, no data accesses are permitted.
If WDi = 1, permission may be denied to certain data write accesses:
- User-mode write accesses are not permitted.
- Supervisor-mode write accesses are not permitted if CR0.WP = 1. (If CR0.WP = 0, WDi does not affect supervisor-mode write accesses to user-mode addresses with protection key i.)

For the specific case in your question: when CR0.WP=0, supervisor-mode write accesses to a user-mode address with protection key i are not permitted if the ADi bit is 1, and are not affected by the WDi bit.

View solution in original post

David_K_Intel2 · ‎02-22-2016

Section 4.6.1 does not specify how protection keys are used to determine if an access is permitted. Instead, Section 4.6.1 refers to the conditions when protection keys are used to determine if an access is permitted. In the example “data may be written to any user-mode address with a protection key for which write access is permitted” specifies that protection keys is used in this case.

The exact conditions how protection keys are used to determine if an access is permitted is given exclusively on Section 4.6.2. The relevant portion of 4.6.2 specify:

Use of the protection key i of a user-mode address depends on the value of the PKRU register:

If ADi = 1, no data accesses are permitted.
If WDi = 1, permission may be denied to certain data write accesses:
- User-mode write accesses are not permitted.
- Supervisor-mode write accesses are not permitted if CR0.WP = 1. (If CR0.WP = 0, WDi does not affect supervisor-mode write accesses to user-mode addresses with protection key i.)

For the specific case in your question: when CR0.WP=0, supervisor-mode write accesses to a user-mode address with protection key i are not permitted if the ADi bit is 1, and are not affected by the WDi bit.