Linux: Implement interfaces for memory protection keys

This adds system call wrappers for pkey_alloc, pkey_free, pkey_mprotect, and x86-64 implementations of pkey_get and pkey_set, which abstract over the PKRU CPU register and hide the actual number of memory protection keys supported by the CPU. pkey_mprotect with a -1 key is implemented using mprotect, so it will work even if the kernel does not support the pkey_mprotect system call. The system call wrapers use unsigned int instead of unsigned long for parameters, so that no special treatment for x32 is needed. The flags argument is currently unused, and the access rights bit mask is limited to two bits by the current PKRU register layout anyway. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
author: Florian Weimer <fweimer@redhat.com> 2017-12-05 15:20:30 +0100
committer: Florian Weimer <fweimer@redhat.com> 2017-12-05 15:20:35 +0100
commit: 446d22e91d3113be57a4b0d1151cf337458c3bec (patch)
tree: 933a5832d0cbd3aed24a722f1b28a6aefd95fb6c /NEWS
parent: da616c1496e2bd3022dbe4afdd162a80731c08ad (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 10f695aab1..6b1a2f92f7 100644
--- a/NEWS
+++ b/NEWS
@@ -43,6 +43,10 @@ Major new features:
 
 * glibc now implements the memfd_create and mlock2 functions on Linux.
 
+* Support for memory protection keys was added.  The <sys/mman.h> header now
+  declares the functions pkey_alloc, pkey_free, pkey_mprotect, pkey_set,
+  pkey_get.
+
 Deprecated and removed features, and other changes affecting compatibility:
 
 * On GNU/Linux, the obsolete Linux constant PTRACE_SEIZE_DEVEL is no longer
author	Florian Weimer <fweimer@redhat.com>	2017-12-05 15:20:30 +0100
committer	Florian Weimer <fweimer@redhat.com>	2017-12-05 15:20:35 +0100
commit	446d22e91d3113be57a4b0d1151cf337458c3bec (patch)
tree	933a5832d0cbd3aed24a722f1b28a6aefd95fb6c /NEWS
parent	da616c1496e2bd3022dbe4afdd162a80731c08ad (diff)