On 07/09/2016 01:37 AM, Ingo Molnar wrote: > I.e. this pattern: > > ret = pkey_mprotect(NULL, PAGE_SIZE, real_prot, pkey); > > ... would validate the pkey and we'd return -EOPNOTSUPP for pkey that is not > available? This would allow maximum future flexibility as it would not define > kernel allocated pkeys as a 'range'. Isn't this multiplexing an otherwise straightforward system call? In addition to providing pkey assignment to memory, it would also being used to pass pkey allocation information independently from any use for memory assignment. The complexity of the ABI comes from its behavior, not from the raw number of system calls that are needed to implement it. IOW, this makes the ABI *more* complicated. -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
