Re: [PATCH 1/1 v2] x86: pkey-mprotect must allow pkey-0

From: Dave Hansen
Date: Wed Mar 14 2018 - 10:19:45 EST

Next message: Thomas Gleixner: "Re: [PATCH v4.16-rc5 1/3] x86/vdso: on Intel, VDSO should handle CLOCK_MONOTONIC_RAW"
Previous message: James Bottomley: "Re: [PATCH 4/5] MODSIGN: checking the blacklisted hash before loading a kernel module"
In reply to: Ram Pai: "[PATCH 1/1 v2] x86: pkey-mprotect must allow pkey-0"
Next in thread: Ram Pai: "Re: [PATCH 1/1 v2] x86: pkey-mprotect must allow pkey-0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 03/14/2018 12:46 AM, Ram Pai wrote:
> Once an address range is associated with an allocated pkey, it cannot be
> reverted back to key-0. There is no valid reason for the above behavior. On
> the contrary applications need the ability to do so.

I'm trying to remember why we cared in the first place. :)

Could you add that to the changelog, please?

> @@ -92,7 +92,8 @@ int mm_pkey_alloc(struct mm_struct *mm)
> static inline
> int mm_pkey_free(struct mm_struct *mm, int pkey)
> {
> - if (!mm_pkey_is_allocated(mm, pkey))
> + /* pkey 0 is special and can never be freed */
> + if (!pkey || !mm_pkey_is_allocated(mm, pkey))
> return -EINVAL;

If an app was being really careful, couldn't it free up all of the
implicitly-pkey-0-assigned memory so that it is not in use at all? In
that case, we might want to allow this.

On the other hand, nobody is likely to _ever_ actually do this so this
is good shoot-yourself-in-the-foot protection.

Next message: Thomas Gleixner: "Re: [PATCH v4.16-rc5 1/3] x86/vdso: on Intel, VDSO should handle CLOCK_MONOTONIC_RAW"
Previous message: James Bottomley: "Re: [PATCH 4/5] MODSIGN: checking the blacklisted hash before loading a kernel module"
In reply to: Ram Pai: "[PATCH 1/1 v2] x86: pkey-mprotect must allow pkey-0"
Next in thread: Ram Pai: "Re: [PATCH 1/1 v2] x86: pkey-mprotect must allow pkey-0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]