On 11/23/2017 12:11 AM, Vlastimil Babka wrote: >> No, the default is clearly 0 and documented to be so. The PROT_EXEC >> emulation one should be inaccessible in all the APIs so does not even >> show up as *being* a key in the API. The fact that it's implemented >> with pkeys should be pretty immaterial other than the fact that you >> can't touch the high bits in PKRU. > So, just to be sure, if we call pkey_mprotect() with 0, will it blindly > set 0, or the result of arch_override_mprotect_pkey() (thus equivalent > to call with -1) ? I assume the latter? It's supposed to set 0. -1 was, as far as I remember, an internal-to-the-kernel-only thing to tell us that a key came from *mprotect()* instead of pkey_mprotect().