lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 09 Mar 2016 14:00:09 -0800
From:	Dave Hansen <dave@...1.net>
To:	linux-kernel@...r.kernel.org
Cc:	Dave Hansen <dave@...1.net>, dave.hansen@...ux.intel.com
Subject: [PATCH 1/9] x86, pkeys: Documentation


From: Dave Hansen <dave.hansen@...ux.intel.com>

Give a high-level overview of Protection Keys from a hardware
perspective, as well as some description since we referred to
this from the Kconfig text.

Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
---

 b/Documentation/x86/protection-keys.txt |   28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff -puN /dev/null Documentation/x86/protection-keys.txt
--- /dev/null	2016-03-01 16:49:31.662341041 -0800
+++ b/Documentation/x86/protection-keys.txt	2016-03-09 13:55:19.273412780 -0800
@@ -0,0 +1,28 @@
+Memory Protection Keys for User pages is a CPU feature which will
+first appear on Skylake Servers, but will also be supported on
+future non-server parts.
+
+Memory Protection Keys provides a mechanism for enforcing page-based
+protections, but without requiring modification of the page tables
+when an application changes protection domains.  It works by
+dedicating 4 previously ignored bits in each page table entry to a
+"protection key", giving 16 possible keys.
+
+There is also a new user-accessible register (PKRU) with two separate
+bits (Access Disable and Write Disable) for each key.  Being a CPU
+register, PKRU is inherently thread-local, potentially giving each
+thread a different set of protections from every other thread.
+
+There are two new instructions (RDPKRU/WRPKRU) for reading and writing
+to the new register.  The feature is only available in 64-bit mode,
+even though there is theoretically space in the PAE PTEs.  These
+permissions are enforced on data access only and have no effect on
+instruction fetches.
+
+=========================== Config Option ===========================
+
+This config option adds approximately 1.5kb of text. and 50 bytes of
+data to the executable.  A workload which does large O_DIRECT reads
+of holes in XFS files was run to exercise get_user_pages_fast().  No
+performance delta was observed with the config option
+enabled or disabled.
_

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ