Huawei review of different PMP enhancement schemes

John Hauser

Nick Kossifidis wrote:
You've excluded the possibility of having a region that's writeable by
S/U and executable by M mode at the same time. However it's possible for
S/U to put code on a R/W region and then request from M-mode to mark
that region as R-X with PL=0, in which case this will also make the
region executable by M-mode. The restriction of not being able to add
new regions that are executable by M-mode only applies to MSL=3, not on
MSL < 3. [...]
All of the other proposals, including the one you favor, have this
exact same property when MML = 0. As I wrote in my document, and
have tried repeatedly to make clear, the settings of MSL below 3 are
intended to be used only during circumstances when MML is 0 under the
other proposals.

Instead of setting MML = 1, my proposal requires that a programmer set
MSL = 3. I cannot believe that such a substitution is beyond the grasp
of programmers who are otherwise entrusted to write security-conscious

- John Hauser