Comment by rui314
5 years ago
By execute-only segment, you mean a segment which is not readable but executable, right?
If so, that's a relatively new CPU security feature. I think some ARM processors support it, but AFAIK x86 doesn't support it at the moment. On x86, if you make a page executable, it automatically makes the page readable. R and X bits are not separated in the page table. I bet Intel and AMD will add an NR bit (no read bit - analogous to NX bit) soon, though.
Intel slide deck here: https://linuxplumbersconf.org/event/4/contributions/283/atta...
If they really support it, I didn't pay too close attention, but at least it's on their mind.
Ooh, I didn't know that x86 had such a feature. But is this virtualization only?