On 03/17/2018 02:12 AM, Thomas Gleixner wrote:
>> This is a bit nicer than what Ram proposed because it is simpler
>> and removes special-casing for pkey 0.  On the other hand, it does
>> allow applications to pkey_free() pkey-0, but that's just a silly
>> thing to do, so we are not going to protect against it.
> What's the consequence of that? Application crashing and burning itself or
> something more subtle?

You would have to:

	pkey_free(0)
	... later
	new_key = pkey_alloc();
	// now new_key=0
	pkey_deny_access(new_key); // or whatever

At which point most apps would probably croak because its stack is
inaccessible.  The free itself does not make the key inaccessible, *but*
we could also do that within the existing ABI if we want.  I think I
called out that behavior as undefined in the manpage.
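The sequence from the reply above, replayed against a small userspace model; this is an added example, not part of the original mail and not kernel code. The lowest-free-key allocation policy, the `pkey_model` struct and the `guarded_pkey_free()` wrapper are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define NR_PKEYS 16   /* x86 provides 16 protection keys */
#define STACK_PKEY 0  /* pages with no explicit key, the stack included, use pkey 0 */

struct pkey_model {
    uint16_t alloc_map;  /* bit n set: key n is allocated */
    uint16_t denied;     /* bit n set: access through key n is denied */
};

/* Assumed policy: hand out the lowest free key, or -1 when none is left. */
static int model_pkey_alloc(struct pkey_model *m) {
    for (int k = 0; k < NR_PKEYS; k++) {
        if (!(m->alloc_map & (1u << k))) {
            m->alloc_map |= 1u << k;
            return k;
        }
    }
    return -1;
}

/* Unguarded free: accepts key 0, as the patch under discussion allows. */
static int model_pkey_free(struct pkey_model *m, int k) {
    if (k < 0 || k >= NR_PKEYS || !(m->alloc_map & (1u << k)))
        return -1;
    m->alloc_map &= ~(1u << k);
    return 0;
}

/* Hypothetical application-side wrapper: refuse to free the default key. */
static int guarded_pkey_free(struct pkey_model *m, int k) {
    return k == 0 ? -1 : model_pkey_free(m, k);
}

/* Replays the sequence from the mail; returns 1 if the stack stays accessible. */
static int replay(int (*free_fn)(struct pkey_model *, int)) {
    struct pkey_model m = { .alloc_map = 1u << 0, .denied = 0 };  /* key 0 pre-allocated */
    free_fn(&m, 0);
    int new_key = model_pkey_alloc(&m);  /* 0 after an unguarded free, otherwise 1 */
    m.denied |= 1u << new_key;           /* stands in for pkey_deny_access(new_key) */
    return !(m.denied & (1u << STACK_PKEY));
}

int main(void) {
    printf("unguarded free: stack accessible = %d\n", replay(model_pkey_free));
    printf("guarded free:   stack accessible = %d\n", replay(guarded_pkey_free));
    return 0;
}
```

With the guard in place the later allocation returns key 1, so denying access through it leaves key 0 and the stack untouched.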