On 05/09/2018 04:41 PM, Andy Lutomirski wrote:
Hmm. I can get on board with the idea that fork() / clone() / pthread_create() are all just special cases of the idea that the thread that *calls* them should have the right pkey values, and the latter is already busted given our inability to asynchronously propagate the new mode in pkey_alloc(). So let's do PKEY_ALLOC_SETSIGNAL as a starting point.
Ram, any suggestions for implementing this on POWER?
One thing we could do, though: the current initial state on process creation is all access blocked on all keys. We could change it so that half the keys are fully blocked and half are read-only. Then we could add a PKEY_ALLOC_STRICT or similar that allocates a key with the correct initial state *and* does the setsignal thing. If there are no keys left with the correct initial state, then it fails.
The initial PKRU value can currently be configured by the system administrator. I fear this approach has too many moving parts to be viable.
Thanks, Florian