Hi Jensen, The ARM kernel recently gained support for the so-called "execute never" (XN) mappings. The commit you've linked takes advantage of this support to map some userspace pages of the root task as non-executable when they are not expected to host code. Some of this mapping code is in architecture-independent files, hence the addition of an extra argument to functions like `create_mapped_it_frame_cap`, even though this goes unused on IA32. The corresponding feature on IA32 would be "execute disable" (XD). When we added XN support to seL4, it was to support some work on information flow properties and we only needed the functionality on ARM so we didn't implement XD support at the same time. New features are mostly implemented on-demand, so XD support may be added in future and we would also welcome pull requests that implement it :) Thanks, Matt On 13/03/15 16:30, Jensen Zhang wrote:

Hello,

I found there are several little changes on the latest commit of seL4 kernel [1]. And you just changed the define of function "map_it_frame_cap" for arm, but not for ia32. I just wonder whether there are any further considerations, or it's just a mistake :)

Thanks,

[1] https://github.com/seL4/seL4/commit/4f12acd2703183c9f44fe097589b53eb53c599eb

--

Jensen Zhang Tongji University

_______________________________________________ Devel mailing list Devel@sel4.systems https://sel4.systems/lists/listinfo/devel

________________________________ The information in this e-mail may be confidential and subject to legal professional privilege and/or copyright. National ICT Australia Limited accepts no liability for any damage caused by this email or its attachments.