Skip to content

Add support for XN vm attributes#86

Open
nspin wants to merge 1 commit intoseL4:masterfrom
nspin:pr/xn-vm-attr
Open

Add support for XN vm attributes#86
nspin wants to merge 1 commit intoseL4:masterfrom
nspin:pr/xn-vm-attr

Conversation

@nspin
Copy link
Copy Markdown
Member

@nspin nspin commented Mar 24, 2026

This includes removing the use of the grant permission to encode executable permissions for frames. The kernel does not use the grant permission to determine whether a frame is executable, so this encoding was not doing anything.

Motivated by seL4/rust-sel4#280 (comment)

@lsf37
Copy link
Copy Markdown
Member

lsf37 commented Mar 25, 2026

The kernel does not use the grant permission to determine whether a frame is executable, so this encoding was not doing anything.

Hm, I need to look into what the capDL formalisation does with this. It's possible that the Haskell version here was an early attempt to model NX that never got carried through to the rest of the model and implementation.

@nspin
add support for XN vm attributes
dd3f64b 
This includes removing the use of the grant permission to encode
executable permissions for frames. The kernel does not use the grant
permission to determine whether a frame is executable, so this encoding
was not doing anything.

Signed-off-by: Nick Spinale <nick@nickspinale.com>
@kent-mcleod
Copy link
Copy Markdown
Member

kent-mcleod commented Mar 27, 2026

How would this impact the C capdl loader app? It does respect the lack of grant right to set execute never on the ARM page mappings here I think: https://github.com/seL4/capdl/blob/master/capdl-loader-app/src/main.c#L1496-L1500

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@nspin @lsf37 @kent-mcleod