xtc_pkey(3)
---xtc_pkey(3)
memory-protection-key (PKU) tier for in-process isolation
| XTC_PKEY(3) | Library Functions Manual | XTC_PKEY(3) |
NAME
xtc_pkey_supported,
xtc_pkey_alloc,
xtc_pkey_protect,
xtc_pkey_set_access,
xtc_pkey_free —
memory-protection-key (PKU) tier for in-process
isolation
SYNOPSIS
#include <xtc.h>
#include <xtc_pkey.h>
int
xtc_pkey_supported(void);
int
xtc_pkey_alloc(int
*out_key);
int
xtc_pkey_protect(void
*addr, size_t len,
int key);
int
xtc_pkey_set_access(int
key, int
allow_read, int
allow_write);
int
xtc_pkey_free(int
key);
DESCRIPTION
xtc_pkey is an optional
memory-protection-key tier for in-process memory isolation, built on the
hardware protection-key facility (Intel PKU / the
pkey_alloc(2) family on Linux/x86 with OSPKE). A
protection key tags a range of pages; the calling thread's per-key access
rights then gate reads and writes to those pages independently of the pages'
base protection bits, and rights can be flipped cheaply (a register write)
without a syscall. This lets a thread temporarily seal off a region -- for
example to guard a metadata arena against stray writes outside a short
critical window.
xtc_pkey_supported()
returns non-zero if the running kernel and CPU provide protection keys. All
other functions return XTC_E_NOSYS where the
facility is unavailable (non-glibc libc without the
pkey_*()
wrappers, non-x86, macOS, Windows), so callers can probe once and fall
back.
xtc_pkey_alloc()
allocates a protection key into *out_key. Keys are a
scarce hardware resource (typically 15 usable); free them with
xtc_pkey_free().
xtc_pkey_protect()
tags the len bytes at addr
(page-aligned range) with key. Access is thereafter
gated by the key's per-thread rights.
xtc_pkey_set_access()
sets the calling thread's rights for key:
allow_read and allow_write are
booleans. Disabling write, then writing a tagged page, faults (delivers
SIGSEGV). Rights are per-thread: each thread sets
its own view.
xtc_pkey_free()
releases key.
RETURN VALUES
xtc_pkey_supported() returns 1 if
supported, 0 otherwise. The int functions return
XTC_OK on success, a negative
XTC_E_* code on error, or
XTC_E_NOSYS where protection keys are
unavailable.
SEE ALSO
AUTHORS
The XTC Project.
| July 3, 2026 | Debian |