|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [UNIKRAFT PATCH 0/2] support PKE on x86
From: Hugo Lefeuvre <hugo.lefeuvre@xxxxxxxxxx> Hi, There is an ongoing work to support memory protection keys (MPK, also referred to as protection keys userspace -- PKU) in Unikraft. Full support will be achieved by: (1) detecting the availability of PKU and enabling it via CR4 (2) supporting PKU-related protection changes in the page table (3) supporting PKU-swap during thread context switches (4) defining an new interface/microlib to facilitate the use of MPKs This patch implements (1) as a first step towards a full support of memory protection keys in the main tree. This patch is independent from (2)-(4) and can already be merged as-is. It has been tested thoroughly: (2)-(4) are already implemented and tested, but cannot be merged immediately since they are based on top of the yet to come page table support series. More details regarding the implementation: Since we do not want to pay the cost of MPK-related code when MPK is not enabled, we introduce a new HAVE_X86PKU property; MPK code is compile-guarded so that it does not get compiled in without HAVE_X86PKU. HAVE_X86PKU will be set by PKU kernel libraries later on (this is step (4)). At boot time, if HAVE_X86PKU is enabled, the kernel now checks whether PKU is advertised by cpuid. If yes, it enables it by setting bit 22 (PKE) in CR4. If not, it aborts the boot process (the underlying idea is that images compiled with HAVE_X86PKU are *specialized* to be executed on PKU-enabled hardware). Hugo Lefeuvre (2): plat/kvm: support PKE bit on x86 plat/xen: support PKE bit on x86 lib/Config.uk | 4 ++++ plat/common/include/x86/cpu.h | 15 +++++++++++++++ plat/common/include/x86/cpu_defs.h | 3 +++ plat/kvm/x86/entry64.S | 12 ++++++++++++ plat/kvm/x86/setup.c | 4 ++++ plat/xen/x86/entry64.S | 9 +++++++++ plat/xen/x86/setup.c | 4 ++++ 7 files changed, 51 insertions(+) -- 2.20.1
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |