Re: [RFC PATCH] seccomp: Add protection keys into seccomp_data

On 10/29/18 10:02 AM, Michael Sammler wrote:
>>> Also, I'm not sure the kernel provides the PKRU guarantees you want at
>>> the moment.  Our implementation *probably* works, but it's mostly by
>>> accident.
> I don't know which guarantees about the PKRU are provided at the
> moment, but the only guarantee needed for this patch is that the kernel
> does not change the bits of the PKRU register, which belong to pkeys
> allocated by the user program, between the syscall entry and the call to
> secure_computing(). Is there a use case where the kernel would like to
> modify these bits of the PKRU?

We've been talking about doing more lax save/restore of the XSAVE
content (PKRU is part of this content).  We would, for instance, only
restore it when returning to userspace, but PKRU might not be up-to-date
with the value in current->fpu.

It's not a deal-breaker with your approach, it's just something to be
careful of and make sure PKRU is up-to-date before you go use it.


