From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-dy1-f177.google.com (mail-dy1-f177.google.com [74.125.82.177])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 048CA342532
	for <linux-kernel@vger.kernel.org>; Mon, 13 Apr 2026 22:40:02 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=74.125.82.177
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1776120005; cv=none; b=jN+wt2cSIS2NSUYBX8PjDF57bezymXCSIoEh0CqKOZV1ngyszhzi7vqkBK7G5ATt1bkCLSVM5I0XQmAVORZshLK+X/2ybEIfpVQJlaC0Y1Kj2lae2HefT+Gaubpe9juPYpkfCbJzDOqDKtIQrIdRvzDB07n9xINIgrhuPxP8aa8=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1776120005; c=relaxed/simple;
	bh=bo4rnRk9gTHnF48ie5YwA3Oq/Ug6de8IrM1VgcfjHyQ=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version; b=exyqZfyMqETL15szZJhKBG3d6NLmiMEviD7Oe/CDbgFC5/gvCvCGGG/tc/Il4PUy+8M+i3HV/WmoEmx7QmP+vWK5fNHJ9xAe+aQXRCHiWuw6iGZNbn7ql+j7bqGNV5WlZLQVI4JAiebMQGrl3hMvll8k6n14GZ0QeO+JUSOqfYg=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=kernel.org; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=sb9wB+34; arc=none smtp.client-ip=74.125.82.177
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=kernel.org
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="sb9wB+34"
Received: by mail-dy1-f177.google.com with SMTP id 5a478bee46e88-2bd9a485bd6so10326681eec.1
        for <linux-kernel@vger.kernel.org>; Mon, 13 Apr 2026 15:40:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20251104; t=1776120002; x=1776724802; darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:sender:from:to:cc:subject:date
         :message-id:reply-to;
        bh=cc8QYlKcFUttGHudhBfwFdQ1KDV1t/Eqeu+TLpIwudk=;
        b=sb9wB+34QdnmYl4Szi4UUjEp+pdgBD1UUIyV5zD23/mV/SIayPv5SD5FMh0GlLxZEA
         Hk2o99flLBImqH+ER1t4UpDLwePwUSET3Kny3B0isNNENUOMV5Vwlddh5A+NmDjn4aDu
         CFroTozpm3JW6bT53xorXIvEP7hjiQVnrDtLlEGUMTOsDPT2R03hh/A9K82FHL1nDkrt
         t8Op0kwmCiyNjuJohcAM8KQyxx+ALV6BK3DRgpHj7K3sd2RMtgtremOaLvknqV09Cg0r
         6w2nWqY+KZ3cN4s3IJI6GvivEoLTxmn0EUUZCkqDAKTSaXdPv/WTL8rlNA2A+A10xTeP
         dieA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20251104; t=1776120002; x=1776724802;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:sender:x-gm-gg
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=cc8QYlKcFUttGHudhBfwFdQ1KDV1t/Eqeu+TLpIwudk=;
        b=GZBB/1Pyiyp92I9rj8yKDOGrnNIP6/KV4HR1eDTu0UgLrW6MfiaYwtmaOxrJxlgW8O
         vlbBILTnFy8Al9gt6odL+0EWO01WtFSZuJI/VXa6lcSRZo2DaIH7J1tlxFIsXYf1mPkj
         QvXIR1SJgIPvRxKTI6VJPuZIQqQ9bTmwxtlLTm85QpySUOgo3O8U+2sszIU7o2IkuvsG
         b/+tVcEzb0/oAa6pVHp+x7GKoM+mE7TyzW9c6BkB17p1V7bWNGpB56aTMl1kg6jqVdQa
         2Ed5nWP4zt6+ZNSkRvtY3+K7aC2s/O2ABzM+P9h/191CHAUvLBK3Xrhl4X9HzJY3nd6r
         kb6g==
X-Forwarded-Encrypted: i=1; AFNElJ9uxcTaLpXbJV1Rb4oiNBBYVlVxdnCcjvv+jNl5Ear+AjGG28uIxIrhSvVQqpM8VXTcJOfgFCouan4+v0U=@vger.kernel.org
X-Gm-Message-State: AOJu0YyRm2Qx/cSoXMZC1cFBWl1e/56A+26K3MmXkm/xo2B56N7EiJCZ
	qRRMZ3TfXX/KTz2wClj1GbIpduWq7l9Uj357AhvDUl9009x6POrqn+Jk
X-Gm-Gg: AeBDiev/5nh90SqK6LKQX4G/ObZraDxlPq0yLe4l/npNF6zuSaPyb8CfR9IA8VtPPlU
	YpayUDERo3uhr7p3z1QLKtzFYbq9Lnzpov0+9Q5tp/jZ2dV0WMblI3/TmafsfedhblyhS7QwLQe
	2RyuNbjhE+ECoxBTEu5o/x4thnHm2AeqwUznOQB22ui30lm49v/DQ2k2oH93WC6vwtLqTmGOSBk
	v7qGJp4XG5UiFKXlsfGUtiZR0j/WRc3OIBfBVPmINL9tg+cPCCw99i9PCm8Fd91Hie5YNNR8v74
	7fZ8m/j2LWFp03Qx5dXEEgG4ACG5Mg/1JVQm9Nv/fQXNainM2PRBM4GnBUqpvZ/JCUpnpdkQ/YM
	eNVqh2E/a9oMDlJWOVTpBV+OOxCKDrW5X1i52P/nEf/PrwPbrhFcPxn/9DOh1tjxiPz85XVpKuC
	/agEYrHXKbpO48VQI/DYwYbbddJVbbTn3C7v4QzxP8o9zch06FTmZ90W4gsn+XWEW7POe6Iq20t
	L58
X-Received: by 2002:a05:7300:6d03:b0:2c0:d1ad:cd2e with SMTP id 5a478bee46e88-2d587d82e7emr8217072eec.11.1776120001746;
        Mon, 13 Apr 2026 15:40:01 -0700 (PDT)
Received: from bbox-1.mtv.corp.google.com ([2a00:79e0:2e7c:8:c871:4088:5cd5:bd1b])
        by smtp.gmail.com with ESMTPSA id 5a478bee46e88-2d561cd3138sm18577297eec.14.2026.04.13.15.39.59
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 13 Apr 2026 15:40:00 -0700 (PDT)
Sender: Minchan Kim <minchan.kim@gmail.com>
From: Minchan Kim <minchan@kernel.org>
To: akpm@linux-foundation.org
Cc: david@kernel.org,
	mhocko@suse.com,
	brauner@kernel.org,
	linux-mm@kvack.org,
	linux-kernel@vger.kernel.org,
	surenb@google.com,
	timmurray@google.com,
	Minchan Kim <minchan@kernel.org>
Subject: [RFC 3/3] mm: process_mrelease: introduce PROCESS_MRELEASE_REAP_KILL flag
Date: Mon, 13 Apr 2026 15:39:48 -0700
Message-ID: <20260413223948.556351-4-minchan@kernel.org>
X-Mailer: git-send-email 2.54.0.rc0.605.g598a273b03-goog
In-Reply-To: <20260413223948.556351-1-minchan@kernel.org>
References: <20260413223948.556351-1-minchan@kernel.org>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Currently, process_mrelease() requires userspace to send a SIGKILL signal
prior to invocation. This separation introduces a race window where the
victim task may receive the signal and enter the exit path before the
reaper can invoke process_mrelease().

In this case, the victim task frees its memory via the standard, unoptimized
exit path, bypassing the expedited clean file folio reclamation optimization
introduced in the previous patch (which relies on the MMF_UNSTABLE flag).

This patch introduces the PROCESS_MRELEASE_REAP_KILL UAPI flag to support
an integrated auto-kill mode. When specified, process_mrelease() directly
injects a SIGKILL into the target task.

Crucially, this patch utilizes a dedicated signal code (KILL_MRELEASE)
during signal injection, belonging to a new SIGKILL si_codes section.
This special code ensures that the kernel's signal delivery path reliably
intercepts the request and marks the target address space as unstable
(MMF_UNSTABLE). This mechanism guarantees that the MMF_UNSTABLE flag is set
before either the victim task or the reaper proceeds, ensuring that the
expedited reclamation optimization is utilized regardless of scheduling
order.

Signed-off-by: Minchan Kim <minchan@kernel.org>
---
 include/uapi/asm-generic/siginfo.h |  6 ++++++
 include/uapi/linux/mman.h          |  4 ++++
 kernel/signal.c                    |  4 ++++
 mm/oom_kill.c                      | 20 +++++++++++++++++++-
 4 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/include/uapi/asm-generic/siginfo.h b/include/uapi/asm-generic/siginfo.h
index 5a1ca43b5fc6..0f59b791dab4 100644
--- a/include/uapi/asm-generic/siginfo.h
+++ b/include/uapi/asm-generic/siginfo.h
@@ -252,6 +252,12 @@ typedef struct siginfo {
 #define BUS_MCEERR_AO	5
 #define NSIGBUS		5
 
+/*
+ * SIGKILL si_codes
+ */
+#define KILL_MRELEASE	1	/* sent by process_mrelease */
+#define NSIGKILL	1
+
 /*
  * SIGTRAP si_codes
  */
diff --git a/include/uapi/linux/mman.h b/include/uapi/linux/mman.h
index e89d00528f2f..4266976b45ad 100644
--- a/include/uapi/linux/mman.h
+++ b/include/uapi/linux/mman.h
@@ -56,4 +56,8 @@ struct cachestat {
 	__u64 nr_recently_evicted;
 };
 
+/* Flags for process_mrelease */
+#define PROCESS_MRELEASE_REAP_KILL	(1 << 0)
+#define PROCESS_MRELEASE_VALID_FLAGS	(PROCESS_MRELEASE_REAP_KILL)
+
 #endif /* _UAPI_LINUX_MMAN_H */
diff --git a/kernel/signal.c b/kernel/signal.c
index d65d0fe24bfb..c21b2176dc5e 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -1134,6 +1134,10 @@ static int __send_signal_locked(int sig, struct kernel_siginfo *info,
 
 out_set:
 	signalfd_notify(t, sig);
+
+	if (sig == SIGKILL && !is_si_special(info) &&
+	    info->si_code == KILL_MRELEASE && t->mm)
+		mm_flags_set(MMF_UNSTABLE, t->mm);
 	sigaddset(&pending->signal, sig);
 
 	/* Let multiprocess signals appear after on-going forks */
diff --git a/mm/oom_kill.c b/mm/oom_kill.c
index 5c6c95c169ee..0b5da5208707 100644
--- a/mm/oom_kill.c
+++ b/mm/oom_kill.c
@@ -20,6 +20,8 @@
 
 #include <linux/oom.h>
 #include <linux/mm.h>
+#include <uapi/linux/mman.h>
+#include <linux/capability.h>
 #include <linux/err.h>
 #include <linux/gfp.h>
 #include <linux/sched.h>
@@ -1218,13 +1220,29 @@ SYSCALL_DEFINE2(process_mrelease, int, pidfd, unsigned int, flags)
 	bool reap = false;
 	long ret = 0;
 
-	if (flags)
+	if (flags & ~PROCESS_MRELEASE_VALID_FLAGS)
 		return -EINVAL;
 
 	task = pidfd_get_task(pidfd, &f_flags);
 	if (IS_ERR(task))
 		return PTR_ERR(task);
 
+	if (flags & PROCESS_MRELEASE_REAP_KILL) {
+		struct kernel_siginfo info;
+
+		if (!capable(CAP_KILL)) {
+			ret = -EPERM;
+			goto put_task;
+		}
+		clear_siginfo(&info);
+		info.si_signo = SIGKILL;
+		info.si_code = KILL_MRELEASE;
+		info.si_pid = task_tgid_vnr(current);
+		info.si_uid = from_kuid_munged(current_user_ns(), current_uid());
+
+		do_send_sig_info(SIGKILL, &info, task, PIDTYPE_TGID);
+	}
+
 	/*
 	 * Make sure to choose a thread which still has a reference to mm
 	 * during the group exit
-- 
2.54.0.rc0.605.g598a273b03-goog