On 12/13/2017 10:08 AM, Linus Torvalds wrote: > On Wed, Dec 13, 2017 at 7:54 AM, Peter Zijlstr <peterz@xxxxxxxxxxxxx> wrote: >> Which is why get_user_pages() _should_ enforce this. >> >> What use are protection keys if you can trivially circumvent them? > No, we will *not* worry about protection keys in get_user_pages(). We did introduce some support for it here: > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=33a709b25a760b91184bb335cf7d7c32b8123013 > They are not "security". They are a debug aid and safety against > random mis-use. Totally agree. It's not about security. As I mentioned in the commit, the goal here was to try to make pkey-protected access behavior consistent with mprotect(). I still think this was nice to do and probably surprises users less than if we didn't have it. > We already allow access to PROT_NONE for gdb and friends, very much on purpose. Yup, exactly, and that's one of the reasons that I tried to call those out as "remote" access that are specicifially no subject to protection keys. -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>
