x86 Protection Keys in Zircon

[Pedro Falcato]

Hi everyone,

I was looking the other day at pkeys and Zircon doesn't seem to have support for those. Have there been any discussions on implementing support for them?

I was thinking it could be remotely useful for security reasons and would extend the traditional MMU RWX permissions, which could allow for things like a pure execute-only mapping or per-thread isolation of access by simply mutating the PKRU of each thread. Of course, it might mean some ABI changes, whether by introduction of new system calls (like Linux does with pkey_alloc(2) and pkey_free(2)) or reservation of specific protection keys for internal kernel use, which of course might need proper discussion and not just me writing the damn thing alone :)

Also, a fair concern might be whether or not the concept is portable to other architectures like ARM64, but I'm not too familiar with those, so some feedback would be great!

Best regards,

Pedro

[Suraj Malhotra]

Hi Pedro,

I'm not sure anyone has really investigated this properly. It seems to be a relatively new feature, only available on a subset of x86_64 CPUs, mostly server oriented at the moment? I don't think any of the hardware we currently support (ie NUCs) has the functionality.

CCing security-dev@ in case they have someone more knowledgeable who can respond.

Cheers,
Suraj