Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752311AbbEGR5O (ORCPT ); Thu, 7 May 2015 13:57:14 -0400 Received: from mail-wi0-f181.google.com ([209.85.212.181]:35519 "EHLO mail-wi0-f181.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751096AbbEGR5M (ORCPT ); Thu, 7 May 2015 13:57:12 -0400 Date: Thu, 7 May 2015 19:57:07 +0200 From: Ingo Molnar To: Dave Hansen Cc: linux-kernel@vger.kernel.org, x86@kernel.org Subject: Re: [PATCH 00/12] [RFC] x86: Memory Protection Keys Message-ID: <20150507175707.GA22172@gmail.com> References: <20150507174132.34AF8FAF@viggo.jf.intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150507174132.34AF8FAF@viggo.jf.intel.com> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1560 Lines: 38 * Dave Hansen wrote: > == FEATURE OVERVIEW == > > Memory Protection Keys for Userspace (PKU aka PKEYs) is a CPU > feature which will be found in future Intel CPUs. The work here was > done with the aid of simulators. > > Memory Protection Keys provides a mechanism for enforcing page-based > protections, but without requiring modification of the page tables > when an application changes protection domains. It works by > dedicating 4 previously ignored bits in each page table entry to a > "protection key", giving 16 possible keys. > > There is also a new user-accessible register (PKRU) with two > separate bits (Access Disable and Write Disable) for each key. Being > a CPU register, PKRU is inherently thread-local, potentially giving > each thread a different set of protections from every other thread. > > There are two new instructions (RDPKRU/WRPKRU) for reading and > writing to the new register. The feature is only available in > 64-bit mode, even though there is theoretically space in the PAE > PTEs. These permissions are enforced on data access only and have > no effect on instruction fetches. So I'm wondering what the primary usecases are for this feature? Could you outline applications/workloads/libraries that would benefit from this? Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/