On Wed, Dec 13, 2017 at 07:14:41AM -0800, Dave Hansen wrote: > On 12/13/2017 04:57 AM, Kirill A. Shutemov wrote: > > Dave, what is effect of this on protection keys? > > The goal was to make pkeys-protected userspace memory access > _consistent_ with normal access. Specifically, we want a kernel to > disallow access (or writes) to memory where userspace mapping has a pkey > whose permissions are in conflict with the access. > > For instance: > > This will fault writing a byte to 'addr': > > char *addr = malloc(PAGE_SIZE); > pkey_mprotect(addr, PAGE_SIZE, 13); > pkey_deny_access(13); > *addr[0] = 'f'; > > But this will write one byte to addr successfully (if it uses the kernel > mapping of the physical page backing 'addr'): > > char *addr = malloc(PAGE_SIZE); > pkey_mprotect(addr, PAGE_SIZE, 13); > pkey_deny_access(13); > read(fd, addr, 1); >
This seems confused to me; why are these two cases different?
