The 05/31/2024 16:21, Joey Gouly wrote:
> Hi Szabolcs,
>
> On Fri, May 31, 2024 at 03:57:07PM +0100, Szabolcs Nagy wrote:
> > The 05/03/2024 14:01, Joey Gouly wrote:
> > > Implement the PKEYS interface, using the Permission Overlay Extension.
> > ...
> > > +#ifdef CONFIG_ARCH_HAS_PKEYS
> > > +int arch_set_user_pkey_access(struct task_struct *tsk, int pkey, unsigned long init_val)
> > > +{
> > > + u64 new_por = POE_RXW;
> > > + u64 old_por;
> > > + u64 pkey_shift;
> > > +
> > > + if (!arch_pkeys_enabled())
> > > + return -ENOSPC;
> > > +
> > > + /*
> > > + * This code should only be called with valid 'pkey'
> > > + * values originating from in-kernel users. Complain
> > > + * if a bad value is observed.
> > > + */
> > > + if (WARN_ON_ONCE(pkey >= arch_max_pkey()))
> > > + return -EINVAL;
> > > +
> > > + /* Set the bits we need in POR: */
> > > + if (init_val & PKEY_DISABLE_ACCESS)
> > > + new_por = POE_X;
> > > + else if (init_val & PKEY_DISABLE_WRITE)
> > > + new_por = POE_RX;
> > > +
> >
> > given that the architecture allows r,w,x permissions to be
> > set independently, should we have a 'PKEY_DISABLE_EXEC' or
> > similar api flag?
> >
> > (on other targets it can be some invalid value that fails)
>
> I didn't think about the best way to do that yet. PowerPC has a PKEY_DISABLE_EXECUTE.
>
> We could either make that generic, and X86 has to error if it sees that bit, or
> we add a arch-specific PKEY_DISABLE_EXECUTE like PowerPC.
this does not seem to be in glibc yet. (or in linux man pages)
i guess you can copy whatever ppc does.
>
> A user can still set it by interacting with the register directly, but I guess
> we want something for the glibc interface..
>
> Dave, any thoughts here?
adding Florian too, since i found an old thread of his that tried
to add separate PKEY_DISABLE_READ and PKEY_DISABLE_EXECUTE, but
it did not seem to end up upstream. (this makes more sense to me
as libc api than the weird disable access semantics)
