IBM AIX Continuous Availability Features - IBM Redbooks
IBM AIX Continuous Availability Features - IBM Redbooks
IBM AIX Continuous Availability Features - IBM Redbooks
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
This is accomplished by exclusively dedicating hardware keys for use by applications. The<br />
primary user key UKEY_PUBLIC is the default storage-key for user data. Access to this key<br />
cannot be disabled in user-mode.<br />
The UKEY values are an abstraction of storage keys. These key values are the same across<br />
all applications. For example, if one process sets a shared page to UKEY_PRIVATE1, all<br />
processes need UKEY_PRIVATE1 authority to access that page.<br />
The sysconf() service can be used to determine if user keys are available without load time<br />
dependencies. Applications must use ukey_enable() to enable user keys before user key<br />
APIs can be used. All user memory pages are initialized to be in UKEY_PUBLIC. Applications<br />
have the option to alter the user key for specific data pages that should not be publicly<br />
accessible. User keys may not be altered on mapped files. The application must have write<br />
authority to shared memory to alter the user key.<br />
Other considerations for user keys application programming<br />
Like kernel key support, user key support is intended as a Reliability and Serviceability<br />
feature. It is not intended to provide a security function. A system call permits applications to<br />
modify the AMR to allow and disallow access to user data regions, with no authority checking.<br />
The kernel manages its own AMR when user keys are in use. When the kernel performs<br />
loads or stores on behalf of an application, it respects the user mode AMR that was active<br />
when the request was initiated. The user key values are shared among threads in a<br />
multithreaded process, but a user mode AMR is maintained per thread. Kernel context<br />
switches preserve the AMR. Threaded applications are prevented from running M:N mode<br />
with user keys enabled by the ukey_enable() system call and pthread_create().<br />
The user mode AMR is inherited by fork(), and it is reset to its default by exec(). The default<br />
user mode value enables only UKEY_PUBLIC (read and write access). A system call,<br />
ukeyset_activate() is available to modify the user mode AMR. Applications cannot disable<br />
access to UKEY_PUBLIC. Preventing this key from being disabled allows memory that is<br />
“unknown” to an application to always be accessible. For example, the TOC or data used by<br />
an external key-unsafe library is normally set to UKEY_PUBLIC.<br />
The ucontext_t structure is extended to allow the virtualized user mode AMR to be saved and<br />
restored. The sigcontext structure is not changed. The jmp_buf structure is not extended to<br />
contain an AMR, so callers of setjmp(), _setjmp(), and sig_setjmp() must perform explicit<br />
AMR management. A ukey_setjmp() API is provided that is a front-end to setjmp() and<br />
manages the user mode AMR.<br />
The user mode AMR is reset to contain only UKEY_PUBLIC when signals are delivered and<br />
the interrupted AMR is saved in the ucontext_t structure. Signal handlers that access storage<br />
that is not mapped UKEY_PUBLIC are responsible for establishing their user mode AMR.<br />
Hardware and operating system considerations<br />
► <strong>AIX</strong> APIs for application user keys will be made available in <strong>AIX</strong> 5.3 TL6 running on<br />
POWER6 hardware. <strong>AIX</strong> V5.3 does not support kernel keys.<br />
► In <strong>AIX</strong> V5.3 TL6, application interfaces that exploit user keys only function with the 64-bit<br />
kernel. When the 32-bit kernel is running, these user keys APIs fail.<br />
► User keys are considered an optional platform feature. APIs are present to query if user<br />
keys are supported at runtime, and how many user keys are available.<br />
► User keys are available in 32-bit and 64-bit user-mode APIs.<br />
► User keys can be used by threaded applications in 1:1 mode. They are not supported in<br />
M:N mode.<br />
Chapter 3. <strong>AIX</strong> advanced continuous availability tools and features 101