Protection Key Supervisor provides fast, thread-specific manipulation of permission restrictions on kernel pages.
Multiple patch sets have been reviewed recently, targeting an initial use case of providing stray write protection for persistent memory.
Persistent memory is mapped into the direct map and, unlike regular DRAM, it is particularly vulnerable to programming errors which would result in the corruption of data.
Additional use cases have been explored and will be included in the presentation, specifically the hardening of page tables and other sensitive kernel data.