From: Dave Hansen <dave.hansen-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
To: mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org
Cc: linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org,
Dave Hansen <dave.hansen-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
Subject: [PATCH 2/5] mprotect.2: add pkey_mprotect() syscall
Date: Tue, 13 Sep 2016 12:45:09 -0700 [thread overview]
Message-ID: <20160913194509.5C3C3722@ray> (raw)
In-Reply-To: <20160913194406.20CBFD0C@ray>
Signed-off-by: Dave Hansen <dave.hansen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
---
b/man2/mprotect.2 | 44 +++++++++++++++++++++++++++++++++++++++++---
1 file changed, 41 insertions(+), 3 deletions(-)
diff -puN man2/mprotect.2~mprotect man2/mprotect.2
--- a/man2/mprotect.2~mprotect 2016-09-13 12:42:56.403959283 -0700
+++ b/man2/mprotect.2 2016-09-13 12:42:56.407959283 -0700
@@ -38,16 +38,19 @@
.\"
.TH MPROTECT 2 2015-07-23 "Linux" "Linux Programmer's Manual"
.SH NAME
-mprotect \- set protection on a region of memory
+mprotect, pkey_mprotect \- set protection on a region of memory
.SH SYNOPSIS
.nf
.B #include <sys/mman.h>
.sp
.BI "int mprotect(void *" addr ", size_t " len ", int " prot );
+.BI "int pkey_mprotect(void *" addr ", size_t " len ", int " prot ", int " pkey ");
.fi
.SH DESCRIPTION
.BR mprotect ()
-changes protection for the calling process's memory page(s)
+and
+.BR pkey_mprotect ()
+change protection for the calling process's memory page(s)
containing any part of the address range in the
interval [\fIaddr\fP,\ \fIaddr\fP+\fIlen\fP\-1].
.I addr
@@ -74,10 +77,19 @@ The memory can be modified.
.TP
.B PROT_EXEC
The memory can be executed.
+.PP
+.I pkey
+is the protection key to assign to the memory.
+A pkey must be allocated with
+.BR pkey_alloc (2)
+before it is passed to
+.BR pkey_mprotect ().
.SH RETURN VALUE
On success,
.BR mprotect ()
-returns zero.
+and
+.BR pkey_mprotect ()
+return zero.
On error, \-1 is returned, and
.I errno
is set appropriately.
@@ -95,6 +107,8 @@ to mark it
.B EINVAL
\fIaddr\fP is not a valid pointer,
or not a multiple of the system page size.
+Or: \fIpkey\fP has not been allocated with
+.BR pkey_alloc (2)
.\" Or: both PROT_GROWSUP and PROT_GROWSDOWN were specified in 'prot'.
.TP
.B ENOMEM
@@ -165,6 +179,29 @@ but at a minimum can allow write access
has been set, and must not allow any access if
.B PROT_NONE
has been set.
+
+Applications should be careful when mixing use of
+.BR mprotect ()
+and
+.BR pkey_mprotect () .
+On x86, when
+.BR mprotect ()
+is used with
+.IR prot
+set to
+.B PROT_EXEC
+a pkey is may be allocated and set on the memory implicitly
+by the kernel, but only when the pkey was 0 previously.
+
+On systems that do not support protection keys in hardware,
+.BR pkey_mprotect ()
+may still be used, but
+.IR pkey
+must be set to 0.
+When called this way, the operation of
+.BR pkey_mprotect ()
+is equivalent to
+.BR mprotect ().
.SH EXAMPLE
.\" sigaction.2 refers to this example
.PP
@@ -246,3 +283,4 @@ main(int argc, char *argv[])
.SH SEE ALSO
.BR mmap (2),
.BR sysconf (3)
+.BR pkey (7)
_
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2016-09-13 19:45 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-13 19:44 [PATCH 0/5] [RFCv5] add manpages for Memory Protection Keys Dave Hansen
2016-09-13 19:44 ` [PATCH 1/5] pkey.7: New page with overview of " Dave Hansen
2016-10-12 6:25 ` Michael Kerrisk (man-pages)
[not found] ` <CAKgNAkj8voeBsjERrRq+17L9rK5Vy_quv7Dm_7Hkmuvxfpw_iQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-10-12 16:41 ` Dave Hansen
[not found] ` <57FE679D.8010101-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-17 12:04 ` Michael Kerrisk (man-pages)
[not found] ` <558d30e9-e374-728c-2099-ed8eccadf7a2-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2016-10-17 22:06 ` Dave Hansen
[not found] ` <58054B48.1030600-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-18 6:01 ` Michael Kerrisk (man-pages)
2016-09-13 19:45 ` Dave Hansen [this message]
2016-09-13 19:45 ` [PATCH 3/5] pkey_alloc.2: New page describing protection key allocation and free Dave Hansen
2016-09-13 19:46 ` [PATCH 4/5] sigaction.2: describe siginfo changes from pkey-induced signals Dave Hansen
2016-09-13 19:46 ` [PATCH 5/5] proc.5: describe new ProtectionKey smaps field Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160913194509.5C3C3722@ray \
--to=dave.hansen-ral2jqcrhueavxtiumwx3w@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=x86-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).