On Tue, Nov 03, 2020 at 07:50:24AM +0100, Greg KH wrote:
> On Mon, Nov 02, 2020 at 12:53:15PM -0800, ira.weiny@xxxxxxxxx wrote:
> > From: Fenghua Yu <fenghua.yu@xxxxxxxxx>
> >
[snip]
> > diff --git a/include/linux/pkeys.h b/include/linux/pkeys.h
> > index 2955ba976048..0959a4c0ca64 100644
> > --- a/include/linux/pkeys.h
> > +++ b/include/linux/pkeys.h
> > @@ -50,4 +50,28 @@ static inline void copy_init_pkru_to_fpregs(void)
> >
> > #endif /* ! CONFIG_ARCH_HAS_PKEYS */
> >
> > +#define PKS_FLAG_EXCLUSIVE 0x00
> > +
> > +#ifndef CONFIG_ARCH_HAS_SUPERVISOR_PKEYS
> > +static inline int pks_key_alloc(const char * const pkey_user, int flags)
> > +{
> > + return -EOPNOTSUPP;
> > +}
> > +static inline void pks_key_free(int pkey)
> > +{
> > +}
> > +static inline void pks_mk_noaccess(int pkey)
> > +{
> > + WARN_ON_ONCE(1);
>
> So for panic-on-warn systems, this is ok to reboot the box?
I would not expect this to reboot the box no. But it is a violation of the API
contract. If pky_key_alloc() returns an error calling any of the other
functions is an error.
>
> Are you sure, that feels odd...
It does feel odd and downright wrong... But there are a lot of WARN_ON_ONCE's
out there to catch this type of internal programming error. Is panic-on-warn
commonly used?
Ira
