[Devel] [PATCH RHEL9 COMMIT] oracle/mm: introduce MADV_DOEXEC

Konstantin Khorenko khorenko at virtuozzo.com
Thu Jan 23 23:35:47 MSK 2025 

The commit is pushed to "branch-rh9-5.14.0-427.44.1.vz9.80.x-ovz" and will appear at git at bitbucket.org:openvz/vzkernel.git
after rh9-5.14.0-427.44.1.vz9.80.5
------>
commit 8d21192ba4fba88cf663c202721fd2c1db4e9d74
Author: Steve Sistare <steven.sistare at oracle.com>
Date:   Tue Oct 27 16:47:57 2020 -0700

    oracle/mm: introduce MADV_DOEXEC
    
    madvise MADV_DOEXEC preserves a memory range across exec.  Initially
    only supported for non-executable, non-stack, anonymous memory.
    MADV_DOEXEC is single-use and after exec madvise must done again to
    preserve memory for a subsequent exec.
    MADV_DONTEXEC reverts the effect of a previous MADV_DOXEXEC call and
    undoes the preservation of the range.
    
    Orabug: 32387875
    Signed-off-by: Steve Sistare <steven.sistare at oracle.com>
    Signed-off-by: Anthony Yznaga <anthony.yznaga at oracle.com>
    Reviewed-by: Liam R. Howlett <Liam.Howlett at Oracle.com>
    
    https://virtuozzo.atlassian.net/browse/VSTOR-96305
    
    (cherry picked from Oracle commit 4693c5d9d799eb4803c5afc781cc60e2b645e398)
    Signed-off-by: Konstantin Khorenko <khorenko at virtuozzo.com>
    
    +++
     commit 606472268c9ca1edb06b3f0e17477a6b8f229c29
     Author: Anthony Yznaga <anthony.yznaga at oracle.com>
     Date:   Thu Feb 22 15:11:46 2024 -0800
    
        mm: avoid conflict between MADV_DOEXEC and upstream advice values
    
        Change MADV_DOEXEC and MADV_DONTEXEC to values that does not conflict
        with new advice values added upstream which can hinder the ability of
        a cross-distro application from determining if a conflicting advice
        value is supported. As provided in the original patchset, a consumer
        of MADV_DOEXEC is expected to read /proc/sys/vm/madv_doexec_flag to
        determine the correct value to use.
        If an application is affected by the conflict, one possible workaround
        is to test for and read /proc/sys/vm/madv_doexec_flag.
    
        Orabug: 36334308
        Signed-off-by: Anthony Yznaga <anthony.yznaga at oracle.com>
        Reviewed-by: Jane Chu <jane.chu at oracle.com>
        Signed-off-by: Brian Maly <brian.maly at oracle.com>
    
    Feature: oracle/mm: MADV_DOEXEC madvise() flag
---
 include/uapi/asm-generic/mman-common.h |  3 +++
 mm/madvise.c                           | 25 +++++++++++++++++++++++++
 2 files changed, 28 insertions(+)

diff --git a/include/uapi/asm-generic/mman-common.h b/include/uapi/asm-generic/mman-common.h
index 6ce1f1ceb432..7a98ab73fe88 100644
--- a/include/uapi/asm-generic/mman-common.h
+++ b/include/uapi/asm-generic/mman-common.h
@@ -79,6 +79,9 @@
 
 #define MADV_COLLAPSE	25		/* Synchronous hugepage collapse */
 
+#define MADV_DOEXEC	201		/* do inherit across exec */
+#define MADV_DONTEXEC	202		/* don't inherit across exec */
+
 /* compatibility flags */
 #define MAP_FILE	0
 
diff --git a/mm/madvise.c b/mm/madvise.c
index 0583abc9ca19..8cab55109411 100644
--- a/mm/madvise.c
+++ b/mm/madvise.c
@@ -1083,6 +1083,26 @@ static int madvise_vma_behavior(struct vm_area_struct *vma,
 	case MADV_KEEPONFORK:
 		new_flags &= ~VM_WIPEONFORK;
 		break;
+	case MADV_DOEXEC:
+		/*
+		 * MADV_DOEXEC is only supported on private, non-executable,
+		 * non-stack anonymous memory and if the VM_EXEC_KEEP flag
+		 * is available.
+		 */
+		if (!VM_EXEC_KEEP || !vma_is_anonymous(vma) || vma->vm_flags & (VM_EXEC|VM_SHARED|VM_STACK)) {
+			error = -EINVAL;
+			goto out;
+		}
+		new_flags |= (new_flags & ~VM_MAYEXEC) | VM_EXEC_KEEP;
+		break;
+	case MADV_DONTEXEC:
+		if (!VM_EXEC_KEEP) {
+			error = -EINVAL;
+			goto out;
+		}
+		if (new_flags & VM_EXEC_KEEP)
+			new_flags |= (new_flags & ~VM_EXEC_KEEP) | VM_MAYEXEC;
+		break;
 	case MADV_DONTDUMP:
 		new_flags |= VM_DONTDUMP;
 		break;
@@ -1208,6 +1228,8 @@ madvise_behavior_valid(int behavior)
 	case MADV_SOFT_OFFLINE:
 	case MADV_HWPOISON:
 #endif
+	case MADV_DOEXEC:
+	case MADV_DONTEXEC:
 		return true;
 
 	default:
@@ -1401,6 +1423,9 @@ int madvise_set_anon_name(struct mm_struct *mm, unsigned long start,
  *		triggering read faults if required
  *  MADV_POPULATE_WRITE - populate (prefault) page tables writable by
  *		triggering write faults if required
+ *  MADV_DOEXEC - On exec, preserve and duplicate this area in the new process
+ *		if the new process allows it.
+ *  MADV_DONTEXEC - Undo the effect of MADV_DOEXEC.
  *
  * return values:
  *  zero    - success

More information about the Devel mailing list