mirror of https://github.com/mkerrisk/man-pages
pkeys.7: Cosmetic changes to example program
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
435f231ac9
commit
8bb4e76704
101
man7/pkeys.7
101
man7/pkeys.7
|
@ -165,81 +165,104 @@ Segmentation fault (core dumped)
|
|||
#include <stdio.h>
|
||||
#include <sys/mman.h>
|
||||
|
||||
static inline void wrpkru(unsigned int pkru)
|
||||
static inline void
|
||||
wrpkru(unsigned int pkru)
|
||||
{
|
||||
unsigned int eax = pkru;
|
||||
unsigned int ecx = 0;
|
||||
unsigned int edx = 0;
|
||||
unsigned int eax = pkru;
|
||||
unsigned int ecx = 0;
|
||||
unsigned int edx = 0;
|
||||
|
||||
asm volatile(".byte 0x0f,0x01,0xef\n\t"
|
||||
: : "a" (eax), "c" (ecx), "d" (edx));
|
||||
asm volatile(".byte 0x0f,0x01,0xef\\n\\t"
|
||||
: : "a" (eax), "c" (ecx), "d" (edx));
|
||||
}
|
||||
|
||||
int pkey_set(int pkey, unsigned long rights, unsigned long flags)
|
||||
int
|
||||
pkey_set(int pkey, unsigned long rights, unsigned long flags)
|
||||
{
|
||||
unsigned int pkru = (rights << (2*pkey));
|
||||
unsigned int pkru = (rights << (2 * pkey));
|
||||
return wrpkru(pkru);
|
||||
}
|
||||
|
||||
int pkey_mprotect(void *ptr, size_t size, unsigned long orig_prot, unsigned long pkey)
|
||||
int
|
||||
pkey_mprotect(void *ptr, size_t size, unsigned long orig_prot,
|
||||
unsigned long pkey)
|
||||
{
|
||||
return syscall(SYS_pkey_mprotect, ptr, size, orig_prot, pkey);
|
||||
}
|
||||
|
||||
int pkey_alloc(void)
|
||||
int
|
||||
pkey_alloc(void)
|
||||
{
|
||||
return syscall(SYS_pkey_alloc, 0, 0);
|
||||
}
|
||||
|
||||
int pkey_free(unsigned long pkey)
|
||||
int
|
||||
pkey_free(unsigned long pkey)
|
||||
{
|
||||
return syscall(SYS_pkey_free, pkey);
|
||||
}
|
||||
|
||||
int main(void)
|
||||
#define errExit(msg) do { perror(msg); exit(EXIT_FAILURE); \\
|
||||
} while (0)
|
||||
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
int status;
|
||||
int pkey;
|
||||
int *buffer;
|
||||
|
||||
/* Allocate one page of memory: */
|
||||
buffer = mmap(NULL, getpagesize(), PROT_READ|PROT_WRITE, MAP_ANONYMOUS|MAP_PRIVATE, -1, 0);
|
||||
/*
|
||||
*Allocate one page of memory
|
||||
*/
|
||||
buffer = mmap(NULL, getpagesize(), PROT_READ | PROT_WRITE,
|
||||
MAP_ANONYMOUS | MAP_PRIVATE, \-1, 0);
|
||||
if (buffer == MAP_FAILED)
|
||||
return -ENOMEM;
|
||||
|
||||
/* Put some random data in to the page (still OK to touch): */
|
||||
(*buffer) = __LINE__;
|
||||
printf("buffer contains: %d\\n", *buffer);
|
||||
|
||||
/* Allocate a protection key: */
|
||||
pkey = pkey_alloc();
|
||||
if (pkey < 0)
|
||||
return pkey;
|
||||
|
||||
/* Disable access to any memory with "pkey" set,
|
||||
* even though there is none right now. */
|
||||
status = pkey_set(pkey, PKEY_DISABLE_ACCESS, 0);
|
||||
if (status)
|
||||
return status;
|
||||
errExit("mmap");
|
||||
|
||||
/*
|
||||
* set the protection key on "buffer":
|
||||
* Note that it is still read/write as far as mprotect() is,
|
||||
* Put some random data into the page (still OK to touch)
|
||||
*/
|
||||
*buffer = __LINE__;
|
||||
printf("buffer contains: %d\\n", *buffer);
|
||||
|
||||
/*
|
||||
* Allocate a protection key:
|
||||
*/
|
||||
pkey = pkey_alloc();
|
||||
if (pkey == \-1)
|
||||
errExit("pkey_alloc");
|
||||
|
||||
/*
|
||||
* Disable access to any memory with "pkey" set,
|
||||
* even though there is none right now
|
||||
*/
|
||||
status = pkey_set(pkey, PKEY_DISABLE_ACCESS, 0);
|
||||
if (status)
|
||||
errExit("pkey_set");
|
||||
|
||||
/*
|
||||
* Set the protection key on "buffer".
|
||||
* Note that it is still read/write as far as mprotect() is
|
||||
* concerned and the previous pkey_set() overrides it.
|
||||
*/
|
||||
status = pkey_mprotect(buffer, getpagesize(), PROT_READ|PROT_WRITE, pkey);
|
||||
if (status)
|
||||
return status;
|
||||
status = pkey_mprotect(buffer, getpagesize(),
|
||||
PROT_READ | PROT_WRITE, pkey);
|
||||
if (status == -1)
|
||||
errExit("pkey_mprotect");
|
||||
|
||||
printf("about to read buffer again...\\n");
|
||||
/* this will crash, because we have disallowed access: */
|
||||
|
||||
/*
|
||||
* This will crash, because we have disallowed access
|
||||
*/
|
||||
printf("buffer contains: %d\\n", *buffer);
|
||||
|
||||
status = pkey_free(pkey);
|
||||
if (status)
|
||||
return status;
|
||||
if (status == -1)
|
||||
errExit("pkey_free");
|
||||
|
||||
return 0;
|
||||
exit(EXIT_SUCCESS);
|
||||
}
|
||||
.SH SEE ALSO
|
||||
.BR pkey_alloc (2),
|
||||
|
|
Loading…
Reference in New Issue