On 12/13/2017 04:57 AM, Kirill A. Shutemov wrote:
> Dave, what is effect of this on protection keys?
The goal was to make pkeys-protected userspace memory access
_consistent_ with normal access. Specifically, we want a kernel to
disallow access (or writes) to memory where userspace mapping has a pkey
whose permissions are in conflict with the access.
For instance:
This will fault writing a byte to 'addr':
char *addr = malloc(PAGE_SIZE);
pkey_mprotect(addr, PAGE_SIZE, 13);
pkey_deny_access(13);
*addr[0] = 'f';
But this will write one byte to addr successfully (if it uses the kernel
mapping of the physical page backing 'addr'):
char *addr = malloc(PAGE_SIZE);
pkey_mprotect(addr, PAGE_SIZE, 13);
pkey_deny_access(13);
read(fd, addr, 1);
