How are memory segment permissions set in Linux x86_64 and x86

Question

I've been trying to figure this out for awhile now. I've read that Linux uses paging and DEP is enforced by marking a page as non executable. But what about the permissions read/write? How does the global descriptor table and segment registers come into play? I read that the global and local descriptor tables contain the permissions for each segment. So is it the tables that control permissions or the VM area structs maintained by the kernel?

Answer 1

x86 segment registers don't come into play here (except FS or GS for thread-local storage). Segmentation isn't used to control read/write, that's done on a per-page basis with page-table entries.

Linux keeps track of mappings in its own data structures separate from the hardware page tables, to figure out what to put in the HW page tables.

A hardware page table entry (one per page) has a bit for read-only vs. read-write. This existed even in the legacy page-table format, before the new (PAE and x86-64 long mode) page table format introduced a No-eXecute bit for DEP.

See Why in 64bit the virtual address are 4 bits short (48bit long) compared with the physical address (52 bit long)? for a diagram of the x86-64 page table format, and links to more docs.

The 32-bit mode PAE page tables are basically the same. See https://wiki.osdev.org/Paging#MMU for a breakdown of the bits, specifically the R bit in each hardware PTE controls what the hardware does.