From: Dave Hansen <dave@sr71.net>
To: Christian Borntraeger <borntraeger@de.ibm.com>,
Ingo Molnar <mingo@kernel.org>
Cc: linux-kernel@vger.kernel.org, x86@kernel.org,
linux-s390 <linux-s390@vger.kernel.org>
Subject: Re: [PATCH 00/12] [RFC] x86: Memory Protection Keys
Date: Thu, 07 May 2015 12:49:48 -0700 [thread overview]
Message-ID: <554BC1DC.3050303@sr71.net> (raw)
In-Reply-To: <554BC0CE.6070900@de.ibm.com>
On 05/07/2015 12:45 PM, Christian Borntraeger wrote:
>>> >> This all looks like s390 storage keys (with the key in pagetables instead
>>> >> of a dedicated place). There we also have 16 values for the key and 4 bits
>>> >> in the PSW that describe the thread local key both are matched.
>>> >> There is an additional field F (fetch protection) that decides, if the
>>> >> key value is used for stores or for stores+fetches.
>> >
>> > OK, so a thread can only be in one domain at a time?
> Via the PSW yes.
> Actually the docs talk about access key, which is usually the PSW. There are
> some instructions like MOVE WITH KEY that allow to specify the key for this
> specific instruction. For compiled code these insructions are not used in
> Linux and I can not really see a way to implement that properly. Furthermore
> enabling these key ops has other implications which are unwanted.
OK, so we have to basic operations that need to be done for
protection/storage/$FOO keys:
1. Assign a key (or set of keys) to a memory area
2. Have a thread request the access (read and/or write) to a set of
areas be acquired or revoked.
For (2) on x86, we basically allow any combination of keys and r/w
permissions. On s390, we would need to ensure that acces to only one
key was allowed at a time.
BTW, do the s390 keys affect instructions and data, or data only?
The x86 ones affect data only.
next prev parent reply other threads:[~2015-05-07 19:49 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-07 17:41 [PATCH 00/12] [RFC] x86: Memory Protection Keys Dave Hansen
2015-05-07 17:41 ` [PATCH 02/12] x86, pku: define new CR4 bit Dave Hansen
2015-05-07 17:41 ` [PATCH 01/12] x86, pkeys: cpuid bit definition Dave Hansen
2015-05-07 17:41 ` [PATCH 06/12] x86, pkeys: store protection in high VMA flags Dave Hansen
2015-05-15 21:10 ` Thomas Gleixner
2015-05-15 21:13 ` Dave Hansen
2015-05-07 17:41 ` [PATCH 05/12] x86, pkeys: new page fault error code bit: PF_PK Dave Hansen
2015-05-07 17:41 ` [PATCH 04/12] x86, pkeys: PTE bits Dave Hansen
2015-05-07 17:41 ` [PATCH 03/12] x86, pkey: pkru xsave fields and data structure Dave Hansen
2015-05-07 17:41 ` [PATCH 08/12] x86, pkeys: arch-specific protection bits Dave Hansen
2015-05-07 17:41 ` [PATCH 07/12] mm: Pass the 4-bit protection key in via PROT_ bits to syscalls Dave Hansen
2015-05-07 19:11 ` One Thousand Gnomes
2015-05-07 19:19 ` Dave Hansen
2015-09-04 20:13 ` Florian Weimer
2015-09-04 20:18 ` Dave Hansen
2015-09-04 20:34 ` Florian Weimer
2015-09-04 20:41 ` Dave Hansen
2015-05-07 17:41 ` [PATCH 12/12] x86, pkeys: Documentation Dave Hansen
2015-05-07 17:41 ` [PATCH 11/12] x86, pkeys: actually enable Memory Protection Keys in CPU Dave Hansen
2015-05-07 17:41 ` [PATCH 09/12] x86, pkeys: notify userspace about protection key faults Dave Hansen
2015-05-07 17:41 ` [PATCH 10/12] x86, pkeys: differentiate Protection Key faults from normal Dave Hansen
2015-05-07 17:57 ` [PATCH 00/12] [RFC] x86: Memory Protection Keys Ingo Molnar
2015-05-07 18:09 ` Dave Hansen
2015-05-07 18:48 ` Vlastimil Babka
2015-05-07 21:45 ` Dave Hansen
2015-05-09 19:09 ` Dr. David Alan Gilbert
2015-05-07 19:18 ` One Thousand Gnomes
2015-05-07 19:26 ` Ingo Molnar
2015-05-07 19:40 ` Dave Hansen
2015-05-07 20:11 ` One Thousand Gnomes
2015-05-08 4:51 ` Ingo Molnar
2015-05-08 6:09 ` Kevin Easton
2015-05-07 19:22 ` Christian Borntraeger
2015-05-07 19:29 ` Dave Hansen
2015-05-07 19:45 ` Christian Borntraeger
2015-05-07 19:49 ` Dave Hansen [this message]
2015-05-07 19:57 ` Christian Borntraeger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=554BC1DC.3050303@sr71.net \
--to=dave@sr71.net \
--cc=borntraeger@de.ibm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox