Re: [RFC v2 00/12] powerpc: Memory Protection Keys

From: Benjamin Herrenschmidt
Date: Tue Jun 20 2017 - 05:57:20 EST


On Tue, 2017-06-20 at 15:10 +1000, Balbir Singh wrote:
> On Fri, 2017-06-16 at 20:52 -0700, Ram Pai wrote:
> > Memory protection keys enable applications to protect its
> > address space from inadvertent access or corruption from
> > itself.
>
> I presume by itself you mean protection between threads?

Not necessarily. You could have for example a JIT that
when it runs the JITed code, only "opens" the keys for
the VM itself, preventing the JITed code from "leaking out".

There are plenty of other usages...
>
> > The overall idea:
> >
> > A process allocates a key and associates it with
> > an address range within its address space.
>
> OK, so this is per VMA?
>
> > The process then can dynamically set read/write
> > permissions on the key without involving the
> > kernel.
>
> This bit is not clear, how can the key be set without
> involving the kernel? I presume you mean the key is set
> in the PTEs and the access protection values can be
> set without involving the kernel?
>
> > Any code that violates the permissions
> > of the address space; as defined by its associated
> > key, will receive a segmentation fault.
> >
> > This patch series enables the feature on PPC64.
> > It is enabled on HPTE 64K-page platform.
> >
> > ISA3.0 section 5.7.13 describes the detailed specifications.
> >
> >
> > Testing:
> > This patch series has passed all the protection key
> > tests available in the selftests directory.
> > The tests are updated to work on both x86 and powerpc.
>
> Balbir
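
The flow discussed in this thread (allocate a key, tag an address range with it, then change the key's rights from userspace and observe the fault), as an added example that is not code from the patch series. It assumes the generic Linux wrappers `pkey_alloc`, `pkey_mprotect`, `pkey_set` and `pkey_free` from glibc 2.27 or later; the helper names `write_faults` and `pkey_demo` are made up for the illustration.

```c
#define _GNU_SOURCE
#include <signal.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Try a one-byte write in a forked child, which inherits the parent's key
 * rights. Returns 1 if the child died with SIGSEGV, 0 if the write succeeded. */
static int write_faults(volatile char *p)
{
    int status = 0;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        *p = 'x';
        _exit(0);
    }
    if (waitpid(pid, &status, 0) != pid) return -1;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV;
}

/* Returns 0 if the behaviour was observed, 1 if no key could be allocated
 * (CPU, kernel or sandbox without pkey support), -1 on any other failure. */
int pkey_demo(void)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);
    char *buf = mmap(NULL, len, PROT_READ | PROT_WRITE,
                     MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    int pkey = pkey_alloc(0, 0);                 /* syscall: reserve a key */
    if (pkey < 0) {
        munmap(buf, len);
        return 1;
    }
    int ok = pkey_mprotect(buf, len, PROT_READ | PROT_WRITE, pkey) == 0; /* syscall: tag range */
    ok = ok && pkey_set(pkey, PKEY_DISABLE_WRITE) == 0; /* register write, no syscall */
    ok = ok && write_faults(buf) == 1;           /* write is denied by the key */
    ok = ok && buf[0] == 0;                      /* reads are still allowed */
    ok = ok && pkey_set(pkey, 0) == 0;           /* reopen the key */
    ok = ok && write_faults(buf) == 0;           /* the same write now succeeds */
    munmap(buf, len);
    pkey_free(pkey);
    return ok ? 0 : -1;
}

int main(void) { return pkey_demo() < 0; }
```

The page tables keep `PROT_READ | PROT_WRITE` throughout; only the per-thread key rights change between the two write attempts.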