[RFC][PATCH 1/7] x86, pkeys: Documentation
From: Dave Hansen
Date: Mon Feb 22 2016 - 20:11:28 EST
From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
Give a high-level overview of Protection Keys from a hardware
perspective, as well as some description since we referred to
this from the Kconfig text.
Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
---
b/Documentation/x86/protection-keys.txt | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff -puN /dev/null Documentation/x86/protection-keys.txt
--- /dev/null 2015-12-10 15:28:13.322405854 -0800
+++ b/Documentation/x86/protection-keys.txt 2016-02-22 17:09:22.811272277 -0800
@@ -0,0 +1,28 @@
+Memory Protection Keys for User pages is a CPU feature which will
+first appear on Skylake Servers, but will also be supported on
+future non-server parts.
+
+Memory Protection Keys provides a mechanism for enforcing page-based
+protections, but without requiring modification of the page tables
+when an application changes protection domains. It works by
+dedicating 4 previously ignored bits in each page table entry to a
+"protection key", giving 16 possible keys.
+
+There is also a new user-accessible register (PKRU) with two separate
+bits (Access Disable and Write Disable) for each key. Being a CPU
+register, PKRU is inherently thread-local, potentially giving each
+thread a different set of protections from every other thread.
+
+There are two new instructions (RDPKRU/WRPKRU) for reading and writing
+to the new register. The feature is only available in 64-bit mode,
+even though there is theoretically space in the PAE PTEs. These
+permissions are enforced on data access only and have no effect on
+instruction fetches.
+
+=========================== Config Option ===========================
+
+This config option adds approximately 1.5kb of text. and 50 bytes of
+data to the executable. A workload which does large O_DIRECT reads
+of holes in XFS files was run to exercise get_user_pages_fast(). No
+performance delta was observed with the config option
+enabled or disabled.
_