From: Dave Hansen <dave@sr71.net>
To: linux-kernel@vger.kernel.org
Cc: Dave Hansen <dave@sr71.net>, dave.hansen@linux.intel.com
Subject: [PATCH 1/9] x86, pkeys: Documentation
Date: Wed, 09 Mar 2016 14:00:09 -0800 [thread overview]
Message-ID: <20160309220009.8F33CBCB@viggo.jf.intel.com> (raw)
In-Reply-To: <20160309220008.D61AF421@viggo.jf.intel.com>
From: Dave Hansen <dave.hansen@linux.intel.com>
Give a high-level overview of Protection Keys from a hardware
perspective, as well as some description since we referred to
this from the Kconfig text.
Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
---
b/Documentation/x86/protection-keys.txt | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff -puN /dev/null Documentation/x86/protection-keys.txt
--- /dev/null 2016-03-01 16:49:31.662341041 -0800
+++ b/Documentation/x86/protection-keys.txt 2016-03-09 13:55:19.273412780 -0800
@@ -0,0 +1,28 @@
+Memory Protection Keys for User pages is a CPU feature which will
+first appear on Skylake Servers, but will also be supported on
+future non-server parts.
+
+Memory Protection Keys provides a mechanism for enforcing page-based
+protections, but without requiring modification of the page tables
+when an application changes protection domains. It works by
+dedicating 4 previously ignored bits in each page table entry to a
+"protection key", giving 16 possible keys.
+
+There is also a new user-accessible register (PKRU) with two separate
+bits (Access Disable and Write Disable) for each key. Being a CPU
+register, PKRU is inherently thread-local, potentially giving each
+thread a different set of protections from every other thread.
+
+There are two new instructions (RDPKRU/WRPKRU) for reading and writing
+to the new register. The feature is only available in 64-bit mode,
+even though there is theoretically space in the PAE PTEs. These
+permissions are enforced on data access only and have no effect on
+instruction fetches.
+
+=========================== Config Option ===========================
+
+This config option adds approximately 1.5kb of text. and 50 bytes of
+data to the executable. A workload which does large O_DIRECT reads
+of holes in XFS files was run to exercise get_user_pages_fast(). No
+performance delta was observed with the config option
+enabled or disabled.
_
next prev parent reply other threads:[~2016-03-09 22:00 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-09 22:00 [PATCH 0/9] System Calls for Memory Protection Keys Dave Hansen
2016-03-09 22:00 ` Dave Hansen [this message]
2016-03-09 22:00 ` [PATCH 2/9] x86, pkeys: add fault handling for PF_PK page fault bit Dave Hansen
2016-03-09 22:00 ` [PATCH 3/9] mm: implement new pkey_mprotect() system call Dave Hansen
2016-03-09 22:00 ` [PATCH 4/9] x86, pkeys: make mprotect_key() mask off additional vm_flags Dave Hansen
2016-03-09 22:00 ` [PATCH 5/9] x86: wire up mprotect_key() system call Dave Hansen
2016-03-09 22:00 ` [PATCH 6/9] x86, pkeys: allocation/free syscalls Dave Hansen
2016-03-09 22:00 ` [PATCH 7/9] x86, pkeys: add pkey set/get syscalls Dave Hansen
2016-03-09 22:00 ` [PATCH 8/9] pkeys: add details of system call use to Documentation/ Dave Hansen
2016-03-09 22:00 ` [PATCH 9/9] x86, pkeys: add self-tests Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160309220009.8F33CBCB@viggo.jf.intel.com \
--to=dave@sr71.net \
--cc=dave.hansen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox