[RFC v2 06/13] mm: Add the encrypt_mprotect() system call
Sakkinen, Jarkko
jarkko.sakkinen at intel.com
Thu Dec 6 08:38:42 UTC 2018
On Mon, 2018-12-03 at 23:39 -0800, Alison Schofield wrote:
> Implement memory encryption with a new system call that is an
> extension of the legacy mprotect() system call.
>
> In encrypt_mprotect the caller must pass a handle to a previously
> allocated and programmed encryption key. Validate the key and store
> the keyid bits in the vm_page_prot for each VMA in the protection
> range.
>
> Signed-off-by: Alison Schofield <alison.schofield at intel.com>
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov at linux.intel.com>
Why you don't use that NO_KEY in this patch?
/Jarkko
More information about the Linux-security-module-archive
mailing list