On 12/18/2015 03:16 PM, Andy Lutomirski wrote: > Hrm. We might also want an option to change pkru and/or baseline_pkru > in all threads in the current mm. That's optional but it could be > handy. Maybe it would be as simple as having the allocate-a-pkey call > have an option to set an initial baseline value and an option to > propagate that initial value to pre-existing threads.
Do you mean actively going in and changing PKRU in other threads? I fear that will be dangerous. IMNHO, whatever we do, I think we need to ensure that _raw_ PKRU calls are allowed (somehow). Raw in this case would mean a thread calling WRPKRU without a system call and without checking in with what any other threads are doing. Let's say baseline_pkru=0x004 (we're access-disabling PKEY[1] and using it for execute-only). Now, a thread is trying to do this: pkey2 = sys_pkey_alloc(); // now pkey2=2 tmp = rdpkru(); // 0x004 tmp |= 0x10; // set PKRU[2].AD=1 wrpkru(tmp); While another thread does: pkey4 = pkey_alloc(); // pkey4=4 sys_pkey_set(pkey4, ACCESS_DISABLE, SET_BASELINE_ALL_THREADS); Without some kind of locking, that's going to race. We could do all the locking in the kernel, but that requires that the kernel do all the PKRU writing, which I'd really like to avoid. I think the closest we can get reasonably is to have the kernel track the baseline_pkru and then allow userspace to query it in case userspace decides that thread needs to update its thread-local PKRU from the baseline. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/