[PATCH v2 5/6] powerpc/pkeys: make protection key 0 less special

Ram Pai linuxram at us.ibm.com
Wed Jun 20 02:34:24 AEST 2018


On Tue, Jun 19, 2018 at 10:40:08PM +1000, Michael Ellerman wrote:
> Ram Pai <linuxram at us.ibm.com> writes:
> > Applications need the ability to associate an address-range with some
> > key and latter revert to its initial default key. Pkey-0 comes close to
> > providing this function but falls short, because the current
> > implementation disallows applications to explicitly associate pkey-0 to
> > the address range.
> >
> > Lets make pkey-0 less special and treat it almost like any other key.
> > Thus it can be explicitly associated with any address range, and can be
> > freed. This gives the application more flexibility and power.  The
> > ability to free pkey-0 must be used responsibily, since pkey-0 is
> > associated with almost all address-range by default.
> >
> > Even with this change pkey-0 continues to be slightly more special
> > from the following point of view.
> > (a) it is implicitly allocated.
> > (b) it is the default key assigned to any address-range.
> > (c) its permissions cannot be modified by userspace.
> >
> > NOTE: (c) is specific to powerpc only. pkey-0 is associated by default
> > with all pages including kernel pages, and pkeys are also active in
> > kernel mode. If any permission is denied on pkey-0, the kernel running
> > in the context of the application will be unable to operate.
> 
> We could fix that by saving/restoring the AMR when we come into the
> kernel, and switching to a kernel-AMR with all keys accessible.
> 
> We'd then need to think about copy_to/from_user() gup etc. So maybe we
> don't want to do that. But it's not set in stone.
> 
> Are we calling this a bug fix?

Actually, I call it borderline bug fix. Its more of a feature.

RP



More information about the Linuxppc-dev mailing list