Still relevant. See also bug #1926521 -- MADV_DONTNEED is another
madvise() value that can't be ignored as "just a hint".
** Changed in: qemu
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1875702
Title:
madvise reports success, but doesn't implement WIPEONFORK.
Status in QEMU:
Confirmed
Bug description:
The implementation of madvise (linux-user/syscall.c:11331, tag
v5.0.0-rc4) always returns zero (i.e. success). However, an
application requesting (at least) MADV_WIPEONFORK may need to know
whether the call was actually successful. If not (because the kernel
doesn't support WIPEONFORK) then it will need to take other measures
to provide fork-safety (such as drawing entropy from the kernel in
every case). But, if the application believes that WIPEONFORK is
supported (because madvise returned zero), but it actually isn't (as
in qemu), then it may forego those protections on the assumption that
WIPEONFORK will provide fork-safety.
Roughly, the comment in qemu that says "This is a hint, so ignoring
and returning success is ok." is no longer accurate in the presence of
MADV_WIPEONFORK.
(This is not purely academic: BoringSSL is planning on acting in this
way. We found the qemu behaviour in pre-release testing and are
planning on making an madvise call with advice=-1 first to test
whether unknown advice values actually produce EINVAL.)
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1875702/+subscriptions
