Post Syndicated from corbet original https://lwn.net/Articles/1004029/

Attacks on the kernel can take many forms; one popular exploitation path is
to find a way to overwrite some memory with attacker-supplied data. If the
right memory can be targeted, one well-targeted stray write is all that is
needed to take control of the system. Since the system’s page tables
regulate access to memory, they are an attractive target for this type of
attack. This patch set from Kevin Brodsky is an attempt to protect page tables (and,
eventually, other data structures) using the “memory protection keys”
feature provided by a number of CPU architectures.