[PATCH v1 0/2] mseal: fixing madvise for file-backed mapping and PROT_NONE

From: jeffxu
Date: Wed Oct 16 2024 - 20:51:18 EST

Next message: jeffxu: "[PATCH v1 1/2] mseal: Two fixes for madvise(MADV_DONTNEED) when sealed"
Previous message: Sami Tolvanen: "Re: [PATCH 00/12] Module Validation Refactor"
Next in thread: jeffxu: "[PATCH v1 1/2] mseal: Two fixes for madvise(MADV_DONTNEED) when sealed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jeff Xu <jeffxu@xxxxxxxxxx>

Two fixes for madvise(MADV_DONTNEED) when sealed.

For PROT_NONE mappings, the previous blocking of
madvise(MADV_DONTNEED) is unnecessary. As PROT_NONE already prohibits
memory access, madvise(MADV_DONTNEED) should be allowed to proceed in
order to free the page.

For file-backed, private, read-only memory mappings, we previously did
not block the madvise(MADV_DONTNEED). This was based on
the assumption that the memory's content, being file-backed, could be
retrieved from the file if accessed again. However, this assumption
failed to consider scenarios where a mapping is initially created as
read-write, modified, and subsequently changed to read-only. The newly
introduced VM_WASWRITE flag addresses this oversight.

Jeff Xu (2):
mseal: Two fixes for madvise(MADV_DONTNEED) when sealed
selftest/mseal: Add tests for madvise

include/linux/mm.h | 2 +
mm/mprotect.c | 3 +
mm/mseal.c | 42 +++++++--
tools/testing/selftests/mm/mseal_test.c | 118 +++++++++++++++++++++++-
4 files changed, 157 insertions(+), 8 deletions(-)

--
2.47.0.rc1.288.g06298d1525-goog

Next message: jeffxu: "[PATCH v1 1/2] mseal: Two fixes for madvise(MADV_DONTNEED) when sealed"
Previous message: Sami Tolvanen: "Re: [PATCH 00/12] Module Validation Refactor"
Next in thread: jeffxu: "[PATCH v1 1/2] mseal: Two fixes for madvise(MADV_DONTNEED) when sealed"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]