|
HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|
|
NAME | LIBRARY | SYNOPSIS | DESCRIPTION | RETURN VALUE | ERRORS | STANDARDS | HISTORY | NOTES | EXAMPLES | SEE ALSO | COLOPHON |
|
|
|
pkey_alloc(2) System Calls Manual pkey_alloc(2)
pkey_alloc, pkey_free - allocate or free a protection key
Standard C library (libc, -lc)
#define _GNU_SOURCE /* See feature_test_macros(7) */
#include <sys/mman.h>
int pkey_alloc(unsigned int flags, unsigned int access_rights);
int pkey_free(int pkey);
pkey_alloc() allocates a protection key (pkey) and allows it to be
passed to pkey_mprotect(2).
The pkey_alloc() flags is reserved for future use and currently
must always be specified as 0.
The pkey_alloc() access_rights argument may contain zero or more
disable operations:
PKEY_DISABLE_ACCESS
Disable all data access to memory covered by the returned
protection key.
PKEY_DISABLE_WRITE
Disable write access to memory covered by the returned
protection key.
pkey_free() frees a protection key and makes it available for
later allocations. After a protection key has been freed, it may
no longer be used in any protection-key-related operations.
An application should not call pkey_free() on any protection key
which has been assigned to an address range by pkey_mprotect(2)
and which is still in use. The behavior in this case is undefined
and may result in an error.
On success, pkey_alloc() returns a positive protection key value.
On success, pkey_free() returns zero. On error, -1 is returned,
and errno is set to indicate the error.
EINVAL pkey, flags, or access_rights is invalid.
ENOSPC (pkey_alloc()) All protection keys available for the
current process have been allocated. The number of keys
available is architecture-specific and implementation-
specific and may be reduced by kernel-internal use of
certain keys. There are currently 15 keys available to
user programs on x86.
This error will also be returned if the processor or
operating system does not support protection keys.
Applications should always be prepared to handle this
error, since factors outside of the application's control
can reduce the number of available pkeys.
Linux.
Linux 4.9, glibc 2.27.
pkey_alloc() is always safe to call regardless of whether or not
the operating system supports protection keys. It can be used in
lieu of any other mechanism for detecting pkey support and will
simply fail with the error ENOSPC if the operating system has no
pkey support.
The kernel guarantees that the contents of the hardware rights
register (PKRU) will be preserved only for allocated protection
keys. Any time a key is unallocated (either before the first call
returning that key from pkey_alloc() or after it is freed via
pkey_free()), the kernel may make arbitrary changes to the parts
of the rights register affecting access to that key.
See pkeys(7).
pkey_mprotect(2), pkeys(7)
This page is part of the man-pages (Linux kernel and C library
user-space interface documentation) project. Information about
the project can be found at
⟨https://www.kernel.org/doc/man-pages/⟩. If you have a bug report
for this manual page, see
⟨https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/tree/CONTRIBUTING⟩.
This page was obtained from the tarball man-pages-6.15.tar.gz
fetched from
⟨https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/⟩ on
2025-08-11. If you discover any rendering problems in this HTML
version of the page, or you believe there is a better or more up-
to-date source for the page, or you have corrections or
improvements to the information in this COLOPHON (which is not
part of the original manual page), send a mail to
man-pages@man7.org
Linux man-pages 6.15 2025-05-17 pkey_alloc(2)
Pages that refer to this page: mprotect(2), syscalls(2), pkeys(7)
|
HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|