Description of the feature

In current Gramine LibOS VMA bookkeeping, address begin, address end, prot, flags and file with offset are recorded.

However, when VMAs are created or changed successfully, only address is returned to caller. Then a corresponding PAL memory function is always called even pages of host already meet the expected status. In SGX PAL, extra Ocalls are called, When EDMM enabled, extra EDMM functions are called to set EPCM permissions.

My proposal is adding a flag to indicate what kind of page flags and permissions changes (change page flags, change file mapping, initialize permissions, restrict permissions, extend permissions, maybe more), returned by VMA bookkeeping functions and passed to PAL memory functions.
When all page flags and permissions are unchanged, LibOS doesn't call PAL memory function.
When pages flags and/or permissions are changed. LibOS call PAL memory function with this flag. PAL memory function can call mmap/mprotect/EMODPE/EMODPR accordingly.

It requires that LibOS VMA bookkeeping records exact same memory pages and access permissions as host PAL.
Need to identify and fix all violations, for example,

Why Gramine should implement it?

Performance improved. We've seen a workload that calls mmap(RW) to allocate some pages then calls mprotect(RW) on each page.
And for SGX EDMM. PTE permissions and the EPCM permissions can sync.