On 05/03/2018 03:14 AM, Andy Lutomirski wrote:
No, I’m saying that all threads should get the*requested* access. If I’m protecting the GOT, I want all threads to get RO access. If I’m writing a crypto library, I probably want all threads to have no access. If I’m writing a database, I probably want all threads to get RO by default. If I’m writing some doodad to sandbox some carefully constructed code, I might want all threads to have full access by default.
Just a clarification: This key allocation issue is *not* a blocker for anything related to a safer GOT, or any other use of memory protection keys by the C implementation itself. I agree that there could be application issues if threads are created early, but solving this issue in a general way appears to be quite costly.
Thanks, Florian -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html