Hello, Protection Key Supervisor (PKS) presents a way to control access to a large domain of memory quickly, without a page table walk or TLB flush, as well as with finer granularity; allowing protection control on individual threads. Multiple areas of memory have been identified as candidates to be protected with PKS. These include the initial use case persistent memory (PMEM), page tables[1], kernel secret keys[2], and the page cache.[3] Like PMEM the page cache presents a significant surface area where stray writes, or other bugs, could corrupt data permanently. I would like to discuss the ramifications of being able to change memory permissions in this new way. While PKS has a lot to offer it does not come for free. One trade off is the loss of direct access via page_address() in !HIGHMEM builds. Already PMEM's faced challenges in the leverage of kmap/kunmap. While the page cache should be able to leverage this work, this is driving a redefinition of what kmap means. Especially since the HIGHMEM use case is increasingly meaningless on modern machines. Ira Weiny [1] https://lore.kernel.org/lkml/20210830235927.6443-2-rick.p.edgecombe@xxxxxxxxx/ [2] https://lore.kernel.org/lkml/20201009201410.3209180-3-ira.weiny@xxxxxxxxx/ [3] https://lwn.net/Articles/883352/
