On 11/22/2017 09:18 AM, Vlastimil Babka wrote:
And, was the pkey == -1 internal wiring supposed to be exposed to the pkey_mprotect() signal, or should there have been a pre-check returning EINVAL in SYSCALL_DEFINE4(pkey_mprotect), before calling do_mprotect_pkey())? I assume it's too late to change it now anyway (or not?), so should we also document it?
I think the -1 case to the set the default key is useful because it allows you to use a key value of -1 to mean “MPK is not supported”, and still call pkey_mprotect.
I plan to document this behavior on the glibc side, and glibc will call mprotect (not pkey_mprotect) for key -1, so that you won't get ENOSYS with kernels which do not support pkey_mprotect.
Thanks, Florian
