On Wed, 14 Mar 2018, Ram Pai wrote:
> Applications need the ability to associate an address-range with some
> key and latter revert to its initial default key. Pkey-0 comes close to
> providing this function but falls short, because the current
> implementation disallows applications to explicitly associate pkey-0 to
> the address range.
>
> This patch clarifies the semantics of pkey-0 and provides the
grep 'This patch' Documentation/process
> corresponding implementation on powerpc.
>
> Pkey-0 is special with the following semantics.
> (a) it is implicitly allocated and can never be freed. It always exists.
> (b) it is the default key assigned to any address-range.
> (c) it can be explicitly associated with any address-range.
>
> Tested on x86_64.
I'm curious how the corresponding implementation on powerpc can be tested
on x86_64. Copy and paste is not enough ...
>
> History:
> v3 : added clarification of the semantics of pkey0.
> -- suggested by Dave Hansen
> v2 : split the patch into two, one for x86 and one for powerpc
> -- suggested by Michael Ellermen
Please put the history below the --- seperator. It's not part of the
changelog. That way the tools can discard it when picking up the patch.
>
> cc: Dave Hansen <dave.hansen@xxxxxxxxx>
> cc: Michael Ellermen <mpe@xxxxxxxxxxxxxx>
> cc: Ingo Molnar <mingo@xxxxxxxxxx>
> Signed-off-by: Ram Pai <linuxram@xxxxxxxxxx>
> ---
> arch/x86/include/asm/pkeys.h | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/arch/x86/include/asm/pkeys.h b/arch/x86/include/asm/pkeys.h
> index a0ba1ff..6ea7486 100644
> --- a/arch/x86/include/asm/pkeys.h
> +++ b/arch/x86/include/asm/pkeys.h
> @@ -52,7 +52,7 @@ bool mm_pkey_is_allocated(struct mm_struct *mm, int pkey)
> * from pkey_alloc(). pkey 0 is special, and never
> * returned from pkey_alloc().
> */
> - if (pkey <= 0)
> + if (pkey < 0)
> return false;
> if (pkey >= arch_max_pkey())
> return false;
> @@ -92,7 +92,8 @@ int mm_pkey_alloc(struct mm_struct *mm)
> static inline
> int mm_pkey_free(struct mm_struct *mm, int pkey)
> {
> - if (!mm_pkey_is_allocated(mm, pkey))
> + /* pkey 0 is special and can never be freed */
This comment is pretty useless. How should anyone figure out whats special
about pkey 0?
> + if (!pkey || !mm_pkey_is_allocated(mm, pkey))
Why this extra check? mm_pkey_is_allocated(mm, 0) should not return true
ever. If it does, then this wants to be fixed.
Thanks,
tglx
