From: Pavel Machek <pavel@ucw.cz>
To: Ram Pai <linuxram@us.ibm.com>
Cc: linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org,
benh@kernel.crashing.org, paulus@samba.org, mpe@ellerman.id.au,
khandual@linux.vnet.ibm.com, aneesh.kumar@linux.vnet.ibm.com,
bsingharora@gmail.com, dave.hansen@intel.com, hbabu@us.ibm.com
Subject: Re: [RFC PATCH 0/7 v1] powerpc: Memory Protection Keys
Date: Tue, 20 Jun 2017 09:07:49 +0200 [thread overview]
Message-ID: <20170620070749.GC30728@amd> (raw)
In-Reply-To: <1496711109-4968-1-git-send-email-linuxram@us.ibm.com>
[-- Attachment #1: Type: text/plain, Size: 1093 bytes --]
Hi!
> Memory protection keys enable applications to protect its
> address space from inadvertent access or corruption from
> itself.
>
> The overall idea:
>
> A process allocates a key and associates it with
> a address range within its address space.
> The process than can dynamically set read/write
> permissions on the key without involving the
> kernel. Any code that violates the permissions
> off the address space; as defined by its associated
> key, will receive a segmentation fault.
Do you have some documentation how userspace should use this? Will it
be possible to hide details in libc so that it works across
architectures? Do you have some kind of library that hides them?
Where would you like it to be used? Web browsers?
How does it interact with ptrace()? With /dev/mem? With /proc/XXX/mem?
Will it enable malware to become very hard to understand?
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 181 bytes --]
prev parent reply other threads:[~2017-06-20 7:07 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-06 1:05 [RFC PATCH 0/7 v1] powerpc: Memory Protection Keys Ram Pai
2017-06-06 1:05 ` [RFC PATCH 1/7 v1]powerpc: Free up four PTE bits to accommodate memory keys Ram Pai
2017-06-12 6:57 ` Aneesh Kumar K.V
2017-06-12 22:20 ` Ram Pai
2017-06-13 2:02 ` Aneesh Kumar K.V
2017-06-13 21:51 ` Ram Pai
2017-06-13 4:52 ` Aneesh Kumar K.V
2017-06-13 21:52 ` Ram Pai
2017-06-06 1:05 ` [RFC PATCH 2/7 v1]powerpc: Implement sys_pkey_alloc and sys_pkey_free system call Ram Pai
2017-06-06 1:05 ` [RFC PATCH 3/7 v1]powerpc: store and restore the key state across context switches Ram Pai
2017-06-06 1:05 ` [RFC PATCH 4/7 v1]powerpc: Implementation for sys_mprotect_pkey() system call Ram Pai
2017-06-06 1:05 ` [RFC PATCH 5/7 v1]powerpc: Program HPTE key protection bits Ram Pai
2017-06-06 1:05 ` [RFC PATCH 6/7 v1]powerpc: Handle exceptions caused by violation of key protection Ram Pai
2017-06-06 1:05 ` [RFC PATCH 7/7 v1]powerpc: Deliver SEGV signal on protection key violation Ram Pai
2017-06-16 9:20 ` Anshuman Khandual
2017-06-16 10:33 ` Benjamin Herrenschmidt
2017-06-16 19:15 ` Ram Pai
2017-06-16 22:54 ` Benjamin Herrenschmidt
2017-06-22 21:41 ` Ram Pai
2017-06-16 19:10 ` Ram Pai
2017-06-16 11:18 ` Michael Ellerman
2017-06-16 19:35 ` Ram Pai
2017-06-20 7:07 ` Pavel Machek [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170620070749.GC30728@amd \
--to=pavel@ucw.cz \
--cc=aneesh.kumar@linux.vnet.ibm.com \
--cc=benh@kernel.crashing.org \
--cc=bsingharora@gmail.com \
--cc=dave.hansen@intel.com \
--cc=hbabu@us.ibm.com \
--cc=khandual@linux.vnet.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=linuxram@us.ibm.com \
--cc=mpe@ellerman.id.au \
--cc=paulus@samba.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).