From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:58038)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <chengang@emindsoft.com.cn>) id 1aJb1Y-0006lf-9s
	for qemu-devel@nongnu.org; Thu, 14 Jan 2016 01:04:45 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <chengang@emindsoft.com.cn>) id 1aJb1T-0002MD-7O
	for qemu-devel@nongnu.org; Thu, 14 Jan 2016 01:04:44 -0500
Received: from out1134-243.mail.aliyun.com ([42.120.134.243]:33079)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <chengang@emindsoft.com.cn>) id 1aJb1S-0002JS-RB
	for qemu-devel@nongnu.org; Thu, 14 Jan 2016 01:04:39 -0500
From: chengang@emindsoft.com.cn
Date: Thu, 14 Jan 2016 14:03:42 +0800
Message-Id: <1452751422-11624-1-git-send-email-chengang@emindsoft.com.cn>
Subject: [Qemu-devel] [PATCH] translate-all.c: Remove writable protection
	feature for tb_alloc_page()
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: pbonzini@redhat.com, crosthwaite.peter@gmail.com, rth@twiddle.net
Cc: peter.maydell@linaro.org, Chen Gang <chengang@emindsoft.com.cn>, qemu-devel@nongnu.org, Chen Gang <gang.chen.5i5j@gmail.com>

From: Chen Gang <chengang@emindsoft.com.cn>

Guest may allocate a readable, writable, and executable page, then write
data on the page, and execute data as code on the page too, then write
anther data still within the page.

So remove this feature from linux-user: it not only consumes a little
performance, but also causes issue with the old Linux kernel under some
of architectures (they will directly generate segment fault for it).

Signed-off-by: Chen Gang <gang.chen.5i5j@gmail.com>
---
 translate-all.c | 29 +----------------------------
 1 file changed, 1 insertion(+), 28 deletions(-)

diff --git a/translate-all.c b/translate-all.c
index 042a857..1b6e95d 100644
--- a/translate-all.c
+++ b/translate-all.c
@@ -1430,34 +1430,7 @@ static inline void tb_alloc_page(TranslationBlock *tb,
     p->first_tb = (TranslationBlock *)((uintptr_t)tb | n);
     invalidate_page_bitmap(p);
 
-#if defined(CONFIG_USER_ONLY)
-    if (p->flags & PAGE_WRITE) {
-        target_ulong addr;
-        PageDesc *p2;
-        int prot;
-
-        /* force the host page as non writable (writes will have a
-           page fault + mprotect overhead) */
-        page_addr &= qemu_host_page_mask;
-        prot = 0;
-        for (addr = page_addr; addr < page_addr + qemu_host_page_size;
-            addr += TARGET_PAGE_SIZE) {
-
-            p2 = page_find(addr >> TARGET_PAGE_BITS);
-            if (!p2) {
-                continue;
-            }
-            prot |= p2->flags;
-            p2->flags &= ~PAGE_WRITE;
-          }
-        mprotect(g2h(page_addr), qemu_host_page_size,
-                 (prot & PAGE_BITS) & ~PAGE_WRITE);
-#ifdef DEBUG_TB_INVALIDATE
-        printf("protecting code page: 0x" TARGET_FMT_lx "\n",
-               page_addr);
-#endif
-    }
-#else
+#if !defined(CONFIG_USER_ONLY)
     /* if some code is already present, then the pages are already
        protected. So we handle the case where only the first TB is
        allocated in a physical page */
-- 
1.9.1