From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 701F9C3DA41 for ; Tue, 9 Jul 2024 08:53:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Type:MIME-Version: Message-ID:Date:References:In-Reply-To:Subject:Cc:To:From:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=aKrbvYatQQa9iqD/RLLmut5wz3BIvGbGeZI4a400mkw=; b=LQ8ydaEcRMphXj1at/BFKEo77o PQDBxM31sEXADi2j5UlkNShX7Xp2yZyAmfmwfz5KV4gha9A+97Lg6JbMCZK+QuCqOJ7n873oLBJFE P+NBcPUms/CjuTTxLubO6zabYz60D5wKqWLVIj8hv39MSlj3OxSwe92vcNf9ytKpPEmwb7Qe9v12B 79rTa3COV+sqD/RmHEw+st1ndvgqJrfdEEj3oz0eK7Hj/BDVXRIMpaFEpyBT+uwXPiLjlrjZ6gdV8 wqq5XT3+o45xcDira33DEV4wi9QTiEBFlrHqWDXsbcua1cF+/2myXxP9vDvCx7n3WnLNVGlHKuZ8G uG8/TF6Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1sR6ah-00000006Trs-3DqX; Tue, 09 Jul 2024 08:52:51 +0000 Received: from us-smtp-delivery-124.mimecast.com ([170.10.133.124]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1sR6aS-00000006ToP-0cn2 for linux-arm-kernel@lists.infradead.org; Tue, 09 Jul 2024 08:52:37 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1720515154; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=aKrbvYatQQa9iqD/RLLmut5wz3BIvGbGeZI4a400mkw=; b=DpExboipbpZsb5hA8MZS+pnWqFRlcoGaoyQYP0EmXqb92Oqh1bthLAT1i4B+GL46lOt2dc 18RfoepX6gPzhPmTzkClnv8kcxz+ZIDA6ErWrqjlg1Syawdx9VkHXgJIE7M3Umns2pJ2pG teS5C8LlwjlEiJI/c/WB2A4GMdS9LHs= Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-494-95z-6JRaPpWfMZk9MN0rrw-1; Tue, 09 Jul 2024 04:52:30 -0400 X-MC-Unique: 95z-6JRaPpWfMZk9MN0rrw-1 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id A13F31958B3D; Tue, 9 Jul 2024 08:52:25 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.45.224.64]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id DDBC43000181; Tue, 9 Jul 2024 08:52:15 +0000 (UTC) From: Florian Weimer To: Szabolcs Nagy Cc: Catalin Marinas , Joey Gouly , dave.hansen@linux.intel.com, linux-arm-kernel@lists.infradead.org, akpm@linux-foundation.org, aneesh.kumar@kernel.org, aneesh.kumar@linux.ibm.com, bp@alien8.de, broonie@kernel.org, christophe.leroy@csgroup.eu, hpa@zytor.com, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linuxppc-dev@lists.ozlabs.org, maz@kernel.org, mingo@redhat.com, mpe@ellerman.id.au, naveen.n.rao@linux.ibm.com, npiggin@gmail.com, oliver.upton@linux.dev, shuah@kernel.org, tglx@linutronix.de, will@kernel.org, x86@kernel.org, kvmarm@lists.linux.dev Subject: Re: [PATCH v4 17/29] arm64: implement PKEYS support In-Reply-To: (Szabolcs Nagy's message of "Tue, 9 Jul 2024 09:32:21 +0100") References: <20240503130147.1154804-1-joey.gouly@arm.com> <20240503130147.1154804-18-joey.gouly@arm.com> <20240531152138.GA1805682@e124191.cambridge.arm.com> <87a5jj4rhw.fsf@oldenburg.str.redhat.com> Date: Tue, 09 Jul 2024 10:52:12 +0200 Message-ID: <87ikxf0wxv.fsf@oldenburg.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 Content-Type: text/plain X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240709_015236_280050_80F25AC2 X-CRM114-Status: GOOD ( 19.63 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org * Szabolcs Nagy: >> However, does it matter much? That's only for the initial setup, the >> user can then change the permissions directly via the sysreg. So maybe >> we don't need all those combinations upfront. A PKEY_DISABLE_EXECUTE >> together with the full PKEY_DISABLE_ACCESS would probably suffice. > > this is ok. > > a bit awkward in userspace when the register is directly > set to e.g write-only and pkey_get has to return something, > but we can handle settings outside of valid PKEY_* macros > as unspec, users who want that would use their own register > set/get code. > > i would have designed the permission to use either existing > PROT_* flags or say that it is architectural and written to > the register directly and let the libc wrapper deal with > portable api, i guess it's too late now. We can still define a portable API if we get a few more PKEY_* bits. The last attempt stalled because the kernel does not really need them, it would be for userspace benefit only. For performance-critical code, pkey_get/pkey_set are already too slow, so adding a bit more bit twiddling to it wouldn't be a proble, I think. Applications that want to change protection key bits around a very short code sequence will have to write the architecture-specific register. > (the signal handling behaviour should have a control and it > is possible to fix e.g. via pkey_alloc flags, but that may > not be the best solution and this can be done later.) For glibc, the POWER behavior is much more useful. Thanks, Florian