7.1.12 Securing Storage Server Software Processes with Memory Protection Keys

Memory Protection Keys is a hardware feature found in Oracle Exadata X7-2 and newer systems. Memory Protection Keys provide a thread local permission control on memory pages without incurring the high cost of Page Table Entry (PTE) modifications and Translation Look-aside Buffer (TLB) flushes.

The Exadata storage server process that performs block IO (cellsrv) and the processes that perform smart scans (celloflsrv) are now enhanced to run with memory protection keys. This feature is enabled out of the box with no tuning needed. Each thread in these processes needs to obtain access to the appropriate memory protection key before it can access the data. Any access to a piece of memory that does not have the correct key traps the process. This enhances the security and robustness of the storage server processes by eliminating a class of potential memory corruptions.

Minimum requirements:

• Oracle Exadata System Software release 19.3.0
• Oracle Exadata X7-2