Re: [PATCH 1/9] x86, pkeys: do not special case protection key 0

From: Ram Pai
Date: Mon Mar 26 2018 - 22:27:38 EST


On Fri, Mar 23, 2018 at 11:09:05AM -0700, Dave Hansen wrote:
>
> From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
>
> mm_pkey_is_allocated() treats pkey 0 as unallocated. That is
> inconsistent with the manpages, and also inconsistent with
> mm->context.pkey_allocation_map. Stop special casing it and only
> disallow values that are actually bad (< 0).
>
> The end-user visible effect of this is that you can now use
> mprotect_pkey() to set pkey=0.
>
> This is a bit nicer than what Ram proposed because it is simpler
> and removes special-casing for pkey 0. On the other hand, it does
> allow applciations to pkey_free() pkey-0, but that's just a silly
> thing to do, so we are not going to protect against it.

The more I think about this, the more I feel we are opening up a can
of worms. I am ok with a bad application, shooting itself in its feet.
But I am worried about all the bug reports and support requests we
will encounter when applications inadvertently shoot themselves
and blame it on the kernel.

a warning in dmesg logs indicating a free-of-pkey-0 can help deflect
the blame from the kernel.

RP