[$] Enabling non-executable memfds

The memfd interface is a bit of a strange and Linux-specific beast; it wasinitially created to support the securepassing of data between cooperating processes on a single system. It hassince gained other roles, but it may still come as a surprise to some tolearn that memory regions created for memfds, unlike almost any other dataarea, have the execute permission bit set. That can facilitate attacks; thispatch set from Jeff Xu proposes an addition to the memfd API to closethat hole.