Provided by: manpages-dev_5.05-1_all bug


       pkey_alloc, pkey_free - allocate or free a protection key


       #define _GNU_SOURCE             /* See feature_test_macros(7) */
       #include <sys/mman.h>

       int pkey_alloc(unsigned int flags, unsigned int access_rights);
       int pkey_free(int pkey);


       pkey_alloc()   allocates   a  protection  key  (pkey)  and  allows  it  to  be  passed  to

       The pkey_alloc() flags is reserved for future use and currently must always  be  specified
       as 0.

       The pkey_alloc() access_rights argument may contain zero or more disable operations:

              Disable all data access to memory covered by the returned protection key.

              Disable write access to memory covered by the returned protection key.

       pkey_free()  frees a protection key and makes it available for later allocations.  After a
       protection key has been freed, it may no longer  be  used  in  any  protection-key-related

       An  application  should not call pkey_free() on any protection key which has been assigned
       to an address range by pkey_mprotect(2) and which is still in use.  The behavior  in  this
       case is undefined and may result in an error.


       On success, pkey_alloc() returns a positive protection key value.  On success, pkey_free()
       returns zero.  On error, -1 is returned, and errno is set appropriately.


       EINVAL pkey, flags, or access_rights is invalid.

       ENOSPC (pkey_alloc()) All protection keys available for  the  current  process  have  been
              allocated.    The   number   of   keys   available   is  architecture-specific  and
              implementation-specific and may be reduced by kernel-internal use of certain  keys.
              There are currently 15 keys available to user programs on x86.

              This  error  will  also  be  returned if the processor or operating system does not
              support protection keys.  Applications should always be  prepared  to  handle  this
              error,  since factors outside of the application's control can reduce the number of
              available pkeys.


       pkey_alloc() and pkey_free() were added to Linux in kernel 4.9; library support was  added
       in glibc 2.27.


       The pkey_alloc() and pkey_free() system calls are Linux-specific.


       pkey_alloc()  is  always  safe  to  call regardless of whether or not the operating system
       supports protection keys.  It can be used in lieu of any  other  mechanism  for  detecting
       pkey  support  and  will  simply fail with the error ENOSPC if the operating system has no
       pkey support.

       The kernel guarantees that the contents of the hardware rights  register  (PKRU)  will  be
       preserved  only  for  allocated  protection  keys.   Any time a key is unallocated (either
       before the first call returning that key from  pkey_alloc()  or  after  it  is  freed  via
       pkey_free()),  the  kernel  may make arbitrary changes to the parts of the rights register
       affecting access to that key.


       See pkeys(7).


       pkey_mprotect(2), pkeys(7)


       This page is part of release 5.05 of the Linux man-pages project.  A  description  of  the
       project,  information  about  reporting  bugs, and the latest version of this page, can be
       found at