Re: [PATCH] [RFCv3] add manpages for Memory Protection Keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Dave,

On 06/01/2016 07:16 PM, Dave Hansen wrote:
> From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> 
> Changes from last version:
>  * clarified that calling pkey_free() on a pkey in use by
>    a mapping is bad.
> 
> Memory Protection Keys for User pages is an Intel CPU feature
> which will first appear on Skylake Servers, but will also be
> supported on future non-server parts (there is also a QEMU
> implementation).  It provides a mechanism for enforcing
> page-based protections, but without requiring modification of the
> page tables when an application wishes to change permissions.
> 
> I have propsed adding five new system calls to support this feature.
> The five calls are distributed across three man-pages (one existing
> and 2 new), plus a new pkey(7) page which serves as a general
> overview of the feature.
> 
> The system calls for this feature are not currently upstream but
> can be found here:
> 
> 	http://git.kernel.org/cgit/linux/kernel/git/daveh/x86-pkeys.git/

Some general points:

* It would be better if this patch was split out into pieces, one 
  for each new syscall man page, and one for each changed existing 
  page.
* The patch doesn't apply as given. It would be great to get a parch
  against the latest man-pages version.

Would you be willing to take care of the above for a future patch?

Some specific comments below.

> Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
> Cc: mtk.manpages@xxxxxxxxx
> Cc: linux-man@xxxxxxxxxxxxxxx
> Cc: linux-api@xxxxxxxxxxxxxxx
> Cc: x86@xxxxxxxxxx
> ---
>  man2/mprotect.2   |  45 ++++++++++++-
>  man2/pkey_alloc.2 | 103 +++++++++++++++++++++++++++++
>  man2/pkey_get.2   | 110 +++++++++++++++++++++++++++++++
>  man2/sigaction.2  |   9 +++
>  man5/proc.5       |   8 +++
>  man7/pkey.7       | 192 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  6 files changed, 464 insertions(+), 3 deletions(-)
>  create mode 100644 man2/pkey_alloc.2
>  create mode 100644 man2/pkey_get.2
>  create mode 100644 man7/pkey.7
> 
> diff --git a/man2/mprotect.2 b/man2/mprotect.2
> index ae305f6..742af70 100644
> --- a/man2/mprotect.2
> +++ b/man2/mprotect.2
> @@ -29,6 +29,7 @@
>  .\" Modified 2004-08-16 by Andi Kleen <ak@xxxxxx>
>  .\" 2007-06-02, mtk: Fairly substantial rewrites and additions, and
>  .\" a much improved example program.
> +.\" 2016-03-03, added pkey_mprotect, Dave Hansen <dave@xxxxxxxx>

These days, we don't bother with internal changelogs, since there's 
the git log, so the previous change can be removed.

>  .\"
>  .\" FIXME The following protection flags need documenting:
>  .\"         PROT_SEM
> @@ -38,16 +39,19 @@
>  .\"
>  .TH MPROTECT 2 2015-07-23 "Linux" "Linux Programmer's Manual"
>  .SH NAME
> -mprotect \- set protection on a region of memory
> +mprotect, pkey_mprotect \- set protection on a region of memory
>  .SH SYNOPSIS
>  .nf
>  .B #include <sys/mman.h>
>  .sp
>  .BI "int mprotect(void *" addr ", size_t " len ", int " prot );
> +.BI "int pkey_mprotect(void *" addr ", size_t " len ", int " prot ", int " pkey ");
>  .fi
>  .SH DESCRIPTION
>  .BR mprotect ()
> -changes protection for the calling process's memory page(s)
> +and
> +.BR pkey_mprotect ()
> +change protection for the calling process's memory page(s)
>  containing any part of the address range in the
>  interval [\fIaddr\fP,\ \fIaddr\fP+\fIlen\fP\-1].
>  .I addr
> @@ -74,10 +78,19 @@ The memory can be modified.
>  .TP
>  .B PROT_EXEC
>  The memory can be executed.
> +.PP
> +.I pkey
> +is the protection key to assign to the memory.
> +A pkey must be allocated with
> +.BR pkey_alloc (2)
> +before it is passed to
> +.BR pkey_mprotect ().
>  .SH RETURN VALUE
>  On success,
>  .BR mprotect ()
> -returns zero.
> +and
> +.BR pkey_mprotect ()
> +return zero.
>  On error, \-1 is returned, and
>  .I errno
>  is set appropriately.
> @@ -95,6 +108,8 @@ to mark it
>  .B EINVAL
>  \fIaddr\fP is not a valid pointer,
>  or not a multiple of the system page size.
> +Or: \fIpkey\fP has not been allocated with
> +.BR pkey_alloc (2)
>  .\" Or: both PROT_GROWSUP and PROT_GROWSDOWN were specified in 'prot'.
>  .TP
>  .B ENOMEM
> @@ -165,6 +180,29 @@ but at a minimum can allow write access only if
>  has been set, and must not allow any access if
>  .B PROT_NONE
>  has been set.
> +
> +Applications should be careful when mixing use of
> +.BR mprotect ()
> +and
> +.BR pkey_mprotect () .
> +On x86, when
> +.BR mprotect ()
> +is used with
> +.IR prot
> +set to
> +.B PROT_EXEC
> +a pkey is may be allocated and set on the memory implicitly
> +by the kernel, but only when the pkey was 0 previously.
> +
> +On systems that do not support protection keys in hardware,
> +.BR pkey_mprotect ()
> +may still be used, but
> +.IR pkey
> +must be set to 0.  When called this way, the operation of

The convention for man-pages is that new sentences always start 
of new source lines. (This makes subsequent patches less "noisy", 
since the common unit of change in a text is a sentence.)
Could you fix this throughout please?

> +.BR pkey_mprotect ()
> +is equivalent to
> +.BR mprotect ().
> +

Remove preceding blank line.

>  .SH EXAMPLE
>  .\" sigaction.2 refers to this example
>  .PP
> @@ -246,3 +284,4 @@ main(int argc, char *argv[])
>  .SH SEE ALSO
>  .BR mmap (2),
>  .BR sysconf (3)
> +.BR pkey (7)
> diff --git a/man2/pkey_alloc.2 b/man2/pkey_alloc.2
> new file mode 100644
> index 0000000..e931f82
> --- /dev/null
> +++ b/man2/pkey_alloc.2
> @@ -0,0 +1,103 @@
> +.\" Copyright (C) 2016 Intel Corporation
> +.\"
> +.\" %%%LICENSE_START(VERBATIM)
> +.\" Permission is granted to make and distribute verbatim copies of this
> +.\" manual provided the copyright notice and this permission notice are
> +.\" preserved on all copies.
> +.\"
> +.\" Permission is granted to copy and distribute modified versions of this
> +.\" manual under the conditions for verbatim copying, provided that the
> +.\" entire resulting derived work is distributed under the terms of a
> +.\" permission notice identical to this one.
> +.\"
> +.\" Since the Linux kernel and libraries are constantly changing, this
> +.\" manual page may be incorrect or out-of-date.  The author(s) assume no
> +.\" responsibility for errors or omissions, or for damages resulting from
> +.\" the use of the information contained herein.  The author(s) may not
> +.\" have taken the same level of care in the production of this manual,
> +.\" which is licensed free of charge, as they might when working
> +.\" professionally.
> +.\"
> +.\" Formatted or processed versions of this manual, if unaccompanied by
> +.\" the source, must acknowledge the copyright and author of this work.
> +.\" %%%LICENSE_END
> +.\"
> +.\" Created 2016-03-03 by Dave Hansen <dave@xxxxxxxx>
> +.\"
> +.\"
> +.TH PKEY_ALLOC 2 2016-03-03 "Linux" "Linux Programmer's Manual"
> +.SH NAME
> +pkey_alloc, pkey_free \- allocate or free a protection key
> +.SH SYNOPSIS
> +.nf
> +.B #include <sys/mman.h>
> +.sp
> +.BI "int pkey_alloc(unsigned long " flags ", unsigned long " access_rights ");"
> +.BI "int pkey_free(int " pkey ");"
> +.fi
> +.SH DESCRIPTION
> +.BR pkey_alloc ()
> +allocates a protection key and allows it to be passed to
> +the other interfaces that accept a protection key like
> +.BR pkey_mprotect (),
> +.BR pkey_set ()
> +and
> +.BR pkey_get ().
> +.PP
> +.BR pkey_free ()
> +frees a protection key and makes it available to later

s/to/for/

> +allocations.  After a protection key has been freed, it may

The convention for man-pages is that new sentences always start 
of new source lines. Could you fix this throughout please?

> +no longer be used in any protection-key-related operations.
> +.PP
> +.RB ( pkey_alloc ())
> +.I flags
> +may contain zero or more disable operations:

Why "zero or more" rather than "zero or one"? I mean:
what sense could it make to OR together PKEY_DISABLE_ACCESS and
PKEY_DISABLE_WRITE?

> +.TP
> +.B PKEY_DISABLE_ACCESS
> +Disable all data access to memory covered by the returned protection key.
> +.TP
> +.B PKEY_DISABLE_WRITE
> +Disable write access to memory covered by the returned protection key.
> +.SH RETURN VALUE
> +On success,
> +.BR pkey_alloc ()
> +returns a positive protection key value.
> +.BR pkey_free ()
> +returns zero.
> +On error, \-1 is returned, and
> +.I errno
> +is set appropriately.
> +.SH ERRORS
> +.TP
> +.B EINVAL
> +.IR pkey ,
> +.IR flags ,
> +or
> +.I access_rights
> +is invalid.
> +.TP
> +.B ENOSPC
> +.(RB pkey_alloc ())
> +All protection keys available for the current process have
> +been allocated.  The number of keys available is architecture

s/architecture/architecture-specific/

> +an implementation-specfic and may be reduced by kernel-internal

s/an/and/

> +use of certain keys.  There are currently 15 keys available to
> +user programs on x86.
> +.SH VERSIONS
> +.BR pkey_alloc ()
> +and
> +.BR pkey_free ()
> +were added to Linux in kernel <FIXME>;
> +library support was added to glibc in version <FIXME>.
> +.SH CONFORMING TO
> +The
> +.BR pkey_alloc ()
> +and
> +.BR pkey_free ()
> +system calls are Linux-specific.
> +.SH
> +.SH SEE ALSO
> +.BR pkey_get (2),
> +.BR pkey_mprotect (2),
> +.BR pkey_set (2),
> +.BR pkey (7)
> diff --git a/man2/pkey_get.2 b/man2/pkey_get.2
> new file mode 100644
> index 0000000..ece9c46
> --- /dev/null
> +++ b/man2/pkey_get.2
> @@ -0,0 +1,110 @@
> +.\" Copyright (C) 2016 Intel Corporation
> +.\"
> +.\" %%%LICENSE_START(VERBATIM)
> +.\" Permission is granted to make and distribute verbatim copies of this
> +.\" manual provided the copyright notice and this permission notice are
> +.\" preserved on all copies.
> +.\"
> +.\" Permission is granted to copy and distribute modified versions of this
> +.\" manual under the conditions for verbatim copying, provided that the
> +.\" entire resulting derived work is distributed under the terms of a
> +.\" permission notice identical to this one.
> +.\"
> +.\" Since the Linux kernel and libraries are constantly changing, this
> +.\" manual page may be incorrect or out-of-date.  The author(s) assume no
> +.\" responsibility for errors or omissions, or for damages resulting from
> +.\" the use of the information contained herein.  The author(s) may not
> +.\" have taken the same level of care in the production of this manual,
> +.\" which is licensed free of charge, as they might when working
> +.\" professionally.
> +.\"
> +.\" Formatted or processed versions of this manual, if unaccompanied by
> +.\" the source, must acknowledge the copyright and author of this work.
> +.\" %%%LICENSE_END
> +.\"
> +.\" Created 2016-03-03 by Dave Hansen <dave@xxxxxxxx>
> +.\"
> +.\"
> +.TH PKEY_GET 2 2016-03-03 "Linux" "Linux Programmer's Manual"
> +.SH NAME
> +pkey_get, pkey_set \- manage protection key access permissions
> +.SH SYNOPSIS
> +.nf
> +.B #include <sys/mman.h>
> +.sp
> +.BI "int pkey_get(int " pkey ", unsigned long " flags ");
> +.BI "int pkey_set(int " pkey ", unsigned long " access_rights ", unsigned long " flags ");"
> +.fi
> +.SH DESCRIPTION
> +.BR pkey_set ()
> +sets the current set of rights for the calling
> +thread for the protection key specified by
> +.IR pkey .
> +When rights for a key are disabled, any future access
> +to any memory region with that key set will generate a
> +.B SIGSEGV
> +signal.
> +Access rights are private to each thread.
> +.PP
> +.I access_rights
> +may contain zero or more disable operations:

See my earlier comments on "zero or more".

> +.TP
> +.B PKEY_DISABLE_ACCESS
> +Disable all access to memory protected by the specified protection key.
> +.TP
> +.B PKEY_DISABLE_WRITE
> +Disable write access to memory protected by the specified protection key.
> +.SH RETURN VALUE
> +On success,
> +.BR pkey_set ()
> +returns zero.
> +.BR pkey_get ()
> +returns a mask containing zero or more of the disable operations
> +listed above.
> +On error, \-1 is returned, and
> +.I errno
> +is set appropriately.
> +.SH ERRORS
> +.TP
> +.B EINVAL
> +.I pkey
> +or
> +.I access_rights
> +is invalid.
> +.SH NOTES
> +When any signal handler is invoked, the thread is temporarily
> +given a new, default set of protection key rights that override
> +whatever rights were set in the interrupted context.  The
> +thread's protection key rights are restored when the signal
> +handler returns.
> +
> +The effects of a call to
> +.BR pkey_set ()
> +from a signal handler will not persist when control passes out of
> +the signal handler.
> +This is true both when the handler returns to a normal,
> +nonsignal context, and when the signal handler is interrupted
> +by another signal handler.
> +
> +This signal behavior is unusual and is due to the fact that
> +the x86 PKRU register (which stores \fIaccess_rights\fP)
> +is managed with the same hardware mechanism (XSAVE) that
> +manages floating point registers.  The signal behavior is

s/floating point/floating-point/
(and in next line)

> +the same as that of a floating point register.
> +.SH VERSIONS
> +.BR pkey_get ()
> +and
> +.BR pkey_set ()
> +were added to Linux in kernel <FIXME>;
> +library support was added to glibc in version <FIXME>.
> +.SH CONFORMING TO
> +The
> +.BR pkey_get ()
> +and
> +.BR pkey_set ()
> +system calls are Linux-specific.
> +.SH SEE ALSO
> +.BR pkey_alloc (2),
> +.BR pkey_free (2),
> +.BR pkey_mprotect (2),
> +.BR pkey (7),
> diff --git a/man2/sigaction.2 b/man2/sigaction.2
> index 3704e74..ed5b874 100644
> --- a/man2/sigaction.2
> +++ b/man2/sigaction.2
> @@ -45,6 +45,7 @@
>  .\" 2010-06-11 mtk, improvements to discussion of various siginfo_t fields.
>  .\" 2015-01-17, Kees Cook <keescook@xxxxxxxxxxxx>
>  .\"	Added notes on ptrace SIGTRAP and SYS_SECCOMP.
> +.\" 2016-03-10, Dave Hansen, add si_pkey
>  .\"
>  .TH SIGACTION 2 2015-08-08 "Linux" "Linux Programmer's Manual"
>  .SH NAME
> @@ -305,6 +306,8 @@ siginfo_t {
>                                (since Linux 3.5) */
>      unsigned int si_arch;  /* Architecture of attempted system call
>                                (since Linux 3.5) */
> +    unsigned int si_pkey;  /* Protection key set on si_addr
> +                              (since Linux <FIXME>) */
>  }
>  .fi
>  .in
> @@ -620,6 +623,12 @@ Address not mapped to object.
>  .TP
>  .B SEGV_ACCERR
>  Invalid permissions for mapped object.
> +.TP
> +.B SEGV_PKUERR
> +Access was denied by memory protection keys.  See:
> +.BR pkeys (7).
> +The protection key which applied to this access is available via
> +.I si_pkey
>  .RE
>  .PP
>  The following values can be placed in
> diff --git a/man5/proc.5 b/man5/proc.5
> index 768d920..e3132a1 100644
> --- a/man5/proc.5
> +++ b/man5/proc.5
> @@ -47,6 +47,7 @@
>  .\"     and /proc/[pid]/fdinfo/*.
>  .\" 2008-06-19, mtk, Documented /proc/[pid]/status.
>  .\" 2008-07-15, mtk, added /proc/config.gz
> +.\" 2016-03-10, Dave Hansen, added ProtectionKey to /proc/[pid]/smaps
>  .\"
>  .\" FIXME . cross check against Documentation/filesystems/proc.txt
>  .\" to see what information could be imported from that file
> @@ -1471,6 +1472,13 @@ The codes are the following:
>      nh  - no-huge page advise flag
>      mg  - mergeable advise flag
>  
> +"ProtectionKey" field contains the memory protection key (see
> +.BR pkeys (5))
> +associated with the virtual memory area.  Only present if the
> +kernel was built with the
> +.B CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
> +configuration option. (since Linux 4.6)
> +
>  The
>  .IR /proc/[pid]/smaps
>  file is present only if the
> diff --git a/man7/pkey.7 b/man7/pkey.7
> new file mode 100644
> index 0000000..815ad7f
> --- /dev/null
> +++ b/man7/pkey.7
> @@ -0,0 +1,192 @@
> +.\" Copyright (C) 2016 Intel Corporation
> +.\"
> +.\" %%%LICENSE_START(VERBATIM)
> +.\" Permission is granted to make and distribute verbatim copies of this
> +.\" manual provided the copyright notice and this permission notice are
> +.\" preserved on all copies.
> +.\"
> +.\" Permission is granted to copy and distribute modified versions of this
> +.\" manual under the conditions for verbatim copying, provided that the
> +.\" entire resulting derived work is distributed under the terms of a
> +.\" permission notice identical to this one.
> +.\"
> +.\" Since the Linux kernel and libraries are constantly changing, this
> +.\" manual page may be incorrect or out-of-date.  The author(s) assume no
> +.\" responsibility for errors or omissions, or for damages resulting from
> +.\" the use of the information contained herein.  The author(s) may not
> +.\" have taken the same level of care in the production of this manual,
> +.\" which is licensed free of charge, as they might when working
> +.\" professionally.
> +.\"
> +.\" Formatted or processed versions of this manual, if unaccompanied by
> +.\" the source, must acknowledge the copyright and authors of this work.
> +.\" %%%LICENSE_END
> +.\"
> +.\" Created 2016-03-03 by Dave Hansen <dave@xxxxxxxx>
> +.\"
> +.TH PKEYS 7 2016-03-03 "Linux" "Linux Programmer's Manual"
> +.SH NAME
> +pkeys \- overview of Memory Protection Keys
> +.SH DESCRIPTION
> +

Remove preceding blank line.

> +Memory Protection Keys (pkeys) are an extension to existing
> +page-based memory permissions.  Normal page permissions using
> +page tables require expensive system calls and TLB invalidations
> +when changing permissions.  Memory Protection Keys provide a
> +mechanism for changing protections without requiring modification
> +of the page tables on every permission change.
> +
> +To use pkeys, software must first "tag" a page in the pagetables
> +with a pkey.  After this tag is in place, an application only has
> +to change the contents of a register in order to remove write
> +access, or all access to a tagged page.
> +
> +pkeys work in conjunction with the existing PROT_READ / PROT_WRITE /
> +PROT_EXEC permissions passed to system calls like
> +.BR mprotect (2)
> +and
> +.BR mmap (2),
> +but always act to further restrict these traditional permission
> +mechanisms.
> +
> +To use this feature, the processor must support it, and Linux
> +must contain support for the feature on a given processor.  As of
> +early 2016 only future Intel x86 processors are supported, and this
> +hardware supports 16 protection keys in each process.  However,
> +pkey 0 is used as the default key, so a maximum of 15 are available
> +for actual application use.

I think we need here (or somewhere) an explanation of what the 
"default key" is.

> +
> +Any application wanting to use protection keys needs to be able
> +to function without them.  They might be unavailable because the
> +hardware that the application runs on does not support them, the
> +kernel code does not contain support, the kernel support has been
> +disabled, or because the keys have all been allocated, perhaps by
> +a library the application is using.  It is recommended that
> +applications wanting to use protection keys should simply call
> +.BR pkey_alloc ()
> +instead of attempting to detect support for the
> +feature in any other way.
> +
> +Hardware support for protection keys may be enumerated with
> +the cpuid instruction.  Details on how to do this can be
> +found in the Intel Software Developers Manual.  The kernel
> +performs this enumeration and exposes the information in
> +/proc/cpuinfo under the "flags" field.  "pku" in this field
> +indicates hardware support for protection keys and "ospke"
> +indicates that the kernel contains and has enabled protection
> +keys support.
> +.SS Protection Keys system calls
> +The Linux kernel implements the following pkey-related system calls:
> +.BR pkey_mprotect (2),
> +.BR pkey_alloc (2),
> +.BR pkey_free (2),
> +.BR pkey_set (2),
> +and
> +.BR pkey_get (2) .
> +.SH NOTES
> +The Linux pkey system calls and are available only

s/and //

> +if the kernel was configured and built with the
> +.BR CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
> +option.
> +.SH EXAMPLE
> +.PP
> +The program below allocates a page of memory with read/write
> +permissions via PROT_READ|PROT_WRITE.  It then writes some
> +data to the memory and successfully reads it back.  After
> +that, it attempts to allocate a protection key and
> +disallows access to it by passsing
> +.BR PKEY_DISABLE_ACCESS
> +to
> +.BR pkey_set.

s/pkey_set/pkey_set (2)/

> +It then tried to access
> +.BR buffer
> +which we now expect to cause a fatal signal to the application.
> +.in +4n
> +.nf
> +.RB "$" " ./a.out"
> +buffer contains: 73
> +about to read buffer again...
> +Segmentation fault (core dumped)
> +.fi
> +.in
> +.SS Program source
> +\&
> +.nf
> +#define _GNU_SOURCE
> +#include <unistd.h>
> +#include <sys/syscall.h>
> +#include <stdio.h>
> +#include <sys/mman.h>
> +#include <assert.h>
> +
> +int sys_pkey_get(int pkey, unsigned long flags)
> +{
> +        return syscall(SYS_pkey_get, pkey);

In man-pages code examples, we use 4-space indents. Could you 
amend please?

Also, at various places in the code here, remove the "sys_" prefixes
in the function names.

> +}
> +
> +int sys_pkey_set(int pkey, unsigned long rights, unsigned long flags)
> +{
> +        return syscall(SYS_pkey_set, pkey, rights, flags);
> +}
> +
> +int sys_pkey_mprotect(void *ptr, size_t size, unsigned long orig_prot, unsigned long pkey)
> +{
> +        return syscall(SYS_pkey_mprotect, ptr, size, orig_prot, pkey);
> +}
> +
> +int pkey_alloc(void)
> +{
> +        return syscall(SYS_pkey_alloc, 0, 0);
> +}
> +
> +int pkey_free(unsigned long pkey)
> +{
> +        return syscall(SYS_pkey_free, pkey);
> +}
> +
> +int main(void)
> +{
> +        int err;

This isn't always an error value...
s/err/status/
(throughout)

> +        int pkey;
> +        int *buffer;
> +
> +        /* Allocate one page of memory: */
> +        buffer = mmap(NULL, getpagesize(), PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
> +        assert(buffer != (void *)-1);

Change "(void *)-1" to MAP_FAILED

Also, using assert() for error checking is undesirable. See the setns(2)
for a preferable alternative. Could you amend throughout please.

> +
> +        /* Put some randome data in to the page (still OK to touch): */

s/randome/random/

> +        (*buffer) = __LINE__;
> +        printf("buffer contains: %d\\n", *buffer);
> +
> +        /* Allocate a protection key: */
> +        pkey = pkey_alloc();
> +        assert(pkey > 0);
> +
> +        /* Disable access to any memory with "pkey" set,
> +         * even though there is none right now. */
> +        err = sys_pkey_set(pkey, PKEY_DISABLE_ACCESS, 0);

Add error checking code here please.

> +
> +        /*
> +         * set the protection key on "buffer":
> +         * Note that it is still read/write as far as mprotect() is,
> +         * concerned and the previous pkey_set() overrides it.
> +         */
> +        err = sys_pkey_mprotect(buffer, getpagesize(), PROT_READ|PROT_WRITE, pkey);
> +        assert(!err);
> +
> +        printf("about to read buffer again...\\n");
> +        /* this will crash, because we have disallowed access: */
> +        printf("buffer contains: %d\\n", *buffer);
> +
> +        err = pkey_free(pkey);
> +        assert(!err);
> +
> +        return 0;
> +}
> +

Removve blank line above.

> +.SH SEE ALSO
> +.BR pkey_alloc (2),
> +.BR pkey_free (2),
> +.BR pkey_get (2),
> +.BR pkey_mprotect (2),
> +.BR pkey_set (2),

Cheers,

Michael


-- 
Michael Kerrisk
Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
Linux/UNIX System Programming Training: http://man7.org/training/
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux