From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew Cooper Subject: Re: [V2 PATCH 0/9] x86/hvm: pkeys, add memory protection-key support Date: Fri, 27 Nov 2015 16:31:33 +0000 Message-ID: <56588565.8010109@citrix.com> References: <1448617923-10884-1-git-send-email-huaitong.han@intel.com> <565853A7.4000105@citrix.com> <1448641320.7592.13.camel@intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1448641320.7592.13.camel@intel.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: "Han, Huaitong" Cc: "jbeulich@suse.com" , "xen-devel@lists.xen.org" List-Id: xen-devel@lists.xenproject.org On 27/11/15 16:22, Han, Huaitong wrote: > On Fri, 2015-11-27 at 12:59 +0000, Andrew Cooper wrote: >> Just for my own understand, do you have a sample use-case for >> protection >> keys? >> >> As everything can WRPKRU, I cant see how it would actually be useful. >> Clearly there is a usecase or you (Intel) wouldn't have gone to the >> effort of putting into silicon. >> >> ~Andrew > I understand PKU is a active memory protection, pkru register is thread > -private, every thread can only change its pkru value, it is a > enhancement of pte write/access, it provides two advantage: > 1.During permission changes, we only need update pkru register instead > of pte, so it can reduce the need to perform TLB shootdowns. > 2.Compared with traditional read and write permissions, it can provide > thread-private permissions. So it is a feature which allows threads to cooperatively prevent themselves trampling on each other. I can see this being useful for debugging and robustness. ~Andrew