For more details, see [[#Notes]]. Here comes a summary.
For more details, see [[#Notes]]. Here comes a summary.
−
PXN bit is set in the MMU descriptor for userland code pages. This means that userland code pages are not executable in kernel mode (equivalent to SMEP on x86).
+
PXN bit is set in the MMU descriptor for userland code pages. This means that userland code pages are not executable in kernel mode (this is equivalent to SMEP on x86).
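Review bot: In the added PXN line, the parenthetical "(this is equivalent to SMEP on x86)" is now a full clause inside parentheses and adds nothing over the shorter "(equivalent to SMEP on x86)" it replaces. I would keep the shorter form. If the line is being touched anyway, expand the acronyms on first use (PXN, Privileged Execute-Never; SMEP, Supervisor Mode Execution Prevention) and start the sentence with "The PXN bit".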
−
For userland pages, the kernel has same access as userland (either both are read-only or both are read-write). This rule has one exception: pages that are mapped unreadable in usermode are still forced readable from kernelmode. Thus it does not have SMAP.
+
For userland pages, the kernel has same access as userland (either both are read-only or both are read-write). It does not have SMAP. The previous rule has one exception: pages that are mapped unreadable in usermode are still forced readable from kernelmode.
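Review bot: In the added line, moving "It does not have SMAP." ahead of the exception makes "The previous rule" ambiguous, since the sentence directly before it is now the SMAP statement rather than the same-access rule. The old order (rule, exception, then "Thus it does not have SMAP") also made clear that the missing SMAP is a consequence of the rule, and the new wording loses that link. Suggest either restoring the old order or naming the rule explicitly, for example "The same-access rule has one exception: ...". "It" also has no clear antecedent here, so name the subject (the kernel or the platform), and "has same access" should read "has the same access".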