Re: [PATCH 0/4 v4] exec: inherit HWCAPs from the parent process

[Kees Cook]

On Mon, Feb 23, 2026 at 10:29:00AM -0800, Andrei Vagin wrote:
> On Tue, Feb 17, 2026 at 10:01 AM Andrei Vagin <avagin@xxxxxxxxxx> wrote:
> >
> > This patch series introduces a mechanism to inherit hardware capabilities
> > (AT_HWCAP, AT_HWCAP2, etc.) from a parent process when they have been
> > modified via prctl.
> >
> > To support C/R operations (snapshots, live migration) in heterogeneous
> > clusters, we must ensure that processes utilize CPU features available
> > on all potential target nodes. To solve this, we need to advertise a
> > common feature set across the cluster.
> >
> > Initially, a cgroup-based approach was considered, but it was decided
> > that inheriting HWCAPs from a parent process that has set its own
> > auxiliary vector via prctl is a simpler and more flexible solution.
> >
> > This implementation adds a new mm flag MMF_USER_HWCAP, which is set when the
> > auxiliary vector is modified via prctl(PR_SET_MM_AUXV). When execve() is
> > called, if the current process has MMF_USER_HWCAP set, the HWCAP values are
> > extracted from the current auxiliary vector and inherited by the new process.
> >
> > The first patch fixes AUXV size calculation for ELF_HWCAP3 and ELF_HWCAP4
> > in binfmt_elf_fdpic and updates AT_VECTOR_SIZE_BASE.
> >
> > The second patch implements the core inheritance logic in execve().
> >
> > The third patch adds a selftest to verify that HWCAPs are correctly
> > inherited across execve().
> >
> > v4: minor fixes based on feedback from the previous version.
> 
> Kees,
> 
> I think it is ready to be merged. Let me know if you have any other
> comments/concerns/questions.

Yeah, I think it's looking good. I'll land this in for-next/execve after
rc2 (a week from now).

Thanks!

-- 
Kees Cook