[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <426cc161-a419-42bb-9860-5b628b0821ab@oracle.com>
Date: Mon, 18 Mar 2024 18:32:16 +0100
From: Matthias Neugschwandtner <matthias.neugschwandtner@...cle.com>
To: Aruna Ramakrishna <aruna.ramakrishna@...cle.com>,
Dave Hansen <dave.hansen@...el.com>
Cc: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"x86@...nel.org" <x86@...nel.org>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
Eric Sedlar <eric.sedlar@...cle.com>,
Andrew Brownsword <andrew.brownsword@...cle.com>,
Craig Schelp <craig.schelp@...cle.com>
Subject: Re: [RFC PATCH] x86/pkeys: update PKRU to enable pkey 0 before XSAVE
On 3/15/24 05:47, Aruna Ramakrishna wrote:
> It’s not about the man page - it's just that, my understanding of this flow and this use case stems from there. I think we assumed that we can turn off pkey 0 and still be able to set up the alt sig stack (and have the kernel reset it to init_pkru anyway) - and when that didn’t work, it seemed like a bug. :)
>
>> In other words, you're not going to spur me into action my thwapping me
>> with the manpage that I wrote. You've got to convince me that your new
>> use case is valid, this is the best way to support your new use case,
>> and that your implementation of the new feature is sane.
>>
>>
>
> Matthias/Eric,
> Can you please talk about the use case in greater detail?
Sure. The core use case we are trying to handle is inspired by the seminal
ERIM paper [1] on using protection keys for in-process isolation. We want to
protect the memory regions of an application from corruption by a component
that co-resides in the same address space.
Since all memory allocated by the main application is tagged with pkey 0 by
default, we remove access to it when entering the component. If a signal is
triggered at that time, the kernel subsequently fails to set up the signal
handling stack.
Thank you,
Matthias
[1]
https://www.usenix.org/conference/usenixsecurity19/presentation/vahldiek-oberwagner
Powered by blists - more mailing lists