LWN: Comments on "Memory protection keys for the kernel"

Memory protection keys for the kernel

corbet — Fri, 24 Jul 2020 13:36:04 +0000

The protection key is stored in the page-table entry (where the hardware can see it), not the page structure.

Memory protection keys for the kernel

dxin — Fri, 24 Jul 2020 03:56:42 +0000

I thought this page structure is already running out of bits, so where is this new protector flag stored? It has to be per-page info, right?

Memory protection keys for the kernel

Cyberax — Wed, 22 Jul 2020 16:21:11 +0000

The Gigabyte motherboard is actually reasonable. Hmm... I'm going to try and build something using it.

Memory protection keys for the kernel

farnz — Wed, 22 Jul 2020 12:29:43 +0000

Lenovo will sell you a system with Optane DC (price on application, though) - the ThinkSystem SR570 and SR650 (at least) support it as a chargeable extra. Dell claim it's an option on the PowerEdge R640, but only if you contact your Dell rep. It looks like Gigabyte's MD71, MU71, and MD61 series motherboards also support Optane DC when fitted with a compatible processor.

Memory protection keys for the kernel

hmh — Wed, 22 Jul 2020 12:23:16 +0000

Hmm, it seems subpar that you'd have to trust all drivers to not get it wrong and leave the write protect disabled. Given what happens on driver land, that's almost the same as not having the protection in the first place.

Maybe It should grow a dev_protectmore() of some sort that moves the memory to another zone which is permanently protected (it is fine if it can be moved back to the normal dev zone with a dev_needsomewriting(), the point is that it won't be left writeable because of issues in any other driver in the system ).

Might even be what is normally used for memory the kernel should not write to, since it would cost the full TLB Flushing, etc. So it would not necessarily need to use a second protection key.

Or is it working like that already?

Memory protection keys for the kernel

Fowl — Wed, 22 Jul 2020 01:33:40 +0000

Kinda like a "process lite", without overlapping address spaces. Reminds me vaguely of https://en.wikipedia.org/wiki/Mill_architecture

So many of these security features - the memory access pipeline testing matrix must be a nightmare.

Memory protection keys for the kernel

Cyberax — Wed, 22 Jul 2020 00:15:44 +0000

Nice!

The price is a bit steep, true. What kind of system do you need to use it? I don't mind building it myself.

Memory protection keys for the kernel

hansendc — Wed, 22 Jul 2020 00:06:21 +0000

The marketing names tend not to line up all that well with the names we use in the kernel, which can make it hard to find. Here's one place I found that appears to actually sell them:

https://www.cdw.com/product/Intel-Optane-DC-Persistent-DD...

Please note, though, these can only go into very specific systems with very specific firmware and in very specific configurations. You can't just buy one and throw it in a normal system. Disclaimer: I work at Intel. I have no connection to the vendor above, the link was just the first thing that popped up when I searched for the marketing name for the NVDIMMs.

Memory protection keys for the kernel

Cyberax — Tue, 21 Jul 2020 22:54:57 +0000

About that fabled "persistent memory"... Any news on that front? I'm still waiting for a device that I can actually buy and that works like true persistent memory, not a PCIe device.