Re: [PATCH 2/9] mm: implement new pkey_mprotect() system call

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 06/11/2016 02:47 AM, Thomas Gleixner wrote:
> On Wed, 8 Jun 2016, Dave Hansen wrote:
>> > Proposed semantics:
>> > 1. protection key 0 is special and represents the default,
>> >    unassigned protection key.  It is always allocated.
>> > 2. mprotect() never affects a mapping's pkey_mprotect()-assigned
>> >    protection key. A protection key of 0 (even if set explicitly)
>> >    represents an unassigned protection key.
>> >    2a. mprotect(PROT_EXEC) on a mapping with an assigned protection
>> >        key may or may not result in a mapping with execute-only
>> >        properties.  pkey_mprotect() plus pkey_set() on all threads
>> >        should be used to _guarantee_ execute-only semantics.
>> > 3. mprotect(PROT_EXEC) may result in an "execute-only" mapping. The
>> >    kernel will internally attempt to allocate and dedicate a
>> >    protection key for the purpose of execute-only mappings.  This
>> >    may not be possible in cases where there are no free protection
>> >    keys available.
> Shouldn't we just reserve a protection key for PROT_EXEC unconditionally?

Normal userspace does not do PROT_EXEC today.  So, today, we'd
effectively lose one of our keys by reserving it.  Of the folks I've
talked to who really want this feature, and *will* actually use it, one
of the most common complaints is that there are too few keys.

Folks who actively *want* true PROT_EXEC semantics can use the explicit
pkey interfaces.

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]