pkey_alloc, pkey_free — allocate or free a protection key
#define _GNU_SOURCE /* See feature_test_macros(7) */ #include <sys/mman.h>
int
pkey_alloc( |
unsigned int flags, |
unsigned int access_rights); |
int
pkey_free( |
int pkey); |
pkey_alloc() allocates a
protection key (pkey) and allows it to be passed to pkey_mprotect(2).
The pkey_alloc() flags is reserved for future
use and currently must always be specified as 0.
The pkey_alloc() access_rights argument may
contain zero or more disable operations:
PKEY_DISABLE_ACCESSDisable all data access to memory covered by the returned protection key.
PKEY_DISABLE_WRITEDisable write access to memory covered by the returned protection key.
pkey_free() frees a
protection key and makes it available for later allocations.
After a protection key has been freed, it may no longer be
used in any protection-key-related operations.
An application should not call pkey_free() on any protection key which has
been assigned to an address range by pkey_mprotect(2) and which
is still in use. The behavior in this case is undefined and
may result in an error.
On success, pkey_alloc()
returns a positive protection key value. On success,
pkey_free() returns zero. On
error, −1 is returned, and errno is set to indicate the error.
pkey,
flags, or
access_rights
is invalid.
(pkey_alloc()) All
protection keys available for the current process have
been allocated. The number of keys available is
architecture-specific and implementation-specific and
may be reduced by kernel-internal use of certain keys.
There are currently 15 keys available to user programs
on x86.
This error will also be returned if the processor or operating system does not support protection keys. Applications should always be prepared to handle this error, since factors outside of the application's control can reduce the number of available pkeys.
pkey_alloc() and
pkey_free() were added to Linux
in kernel 4.9; library support was added in glibc 2.27.
pkey_alloc() is always safe
to call regardless of whether or not the operating system
supports protection keys. It can be used in lieu of any other
mechanism for detecting pkey support and will simply fail
with the error ENOSPC if the
operating system has no pkey support.
The kernel guarantees that the contents of the hardware
rights register (PKRU) will be preserved only for allocated
protection keys. Any time a key is unallocated (either before
the first call returning that key from pkey_alloc() or after it is freed via
pkey_free()), the kernel may
make arbitrary changes to the parts of the rights register
affecting access to that key.
This page is part of release 5.11 of the Linux man-pages project. A
description of the project, information about reporting bugs,
and the latest version of this page, can be found at
https://www.kernel.org/doc/man−pages/.
|
Copyright (C) 2016 Intel Corporation %%%LICENSE_START(VERBATIM) Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this manual under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Since the Linux kernel and libraries are constantly changing, this manual page may be incorrect or out-of-date. The author(s) assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. The author(s) may not have taken the same level of care in the production of this manual, which is licensed free of charge, as they might when working professionally. Formatted or processed versions of this manual, if unaccompanied by the source, must acknowledge the copyright and author of this work. %%%LICENSE_END |