On Wed, Sep 17, 2025 at 6:44 AM David Hildenbrand david@redhat.com wrote:
On 15.09.25 18:36, Kalesh Singh wrote:
Building on the vma_count helpers, add a VM_WARN_ON_ONCE() to detect cases where the VMA count exceeds the sysctl_max_map_count limit.
This check will help catch future bugs or regressions where the VMAs are allocated exceeding the limit.
The warning is placed in the main vma_count_*() helpers, while the internal *_nocheck variants bypass it. _nocheck helpers are used to ensure that the assertion does not trigger a false positive in the legitimate case of a temporary VMA increase past the limit by a VMA split in munmap().
Cc: Andrew Morton akpm@linux-foundation.org
Cc: David Hildenbrand david@redhat.com
Cc: "Liam R. Howlett" Liam.Howlett@oracle.com
Cc: Lorenzo Stoakes lorenzo.stoakes@oracle.com
Cc: Mike Rapoport rppt@kernel.org
Cc: Minchan Kim minchan@kernel.org
Cc: Pedro Falcato pfalcato@suse.de
Signed-off-by: Kalesh Singh kaleshsingh@google.com
Changes in v2:
- Add assertions if exceeding max_vma_count limit, per Pedro
include/linux/mm.h               | 12 ++++++--
mm/internal.h                    |  1 -
mm/vma.c                         | 49 +++++++++++++++++++++++++-------
tools/testing/vma/vma_internal.h |  7 ++++-
4 files changed, 55 insertions(+), 14 deletions(-)
diff --git a/include/linux/mm.h b/include/linux/mm.h index 8bad1454984c..3a3749d7015c 100644 --- a/include/linux/mm.h +++ b/include/linux/mm.h @@ -4219,19 +4219,27 @@ static inline bool snapshot_page_is_faithful(const struct page_snapshot *ps)
void snapshot_page(struct page_snapshot *ps, const struct page *page);
+int vma_count_remaining(const struct mm_struct *mm);
- static inline void vma_count_init(struct mm_struct *mm) { ACCESS_PRIVATE(mm, __vma_count) = 0; }
-static inline void vma_count_add(struct mm_struct *mm, int nr_vmas) +static inline void __vma_count_add_nocheck(struct mm_struct *mm, int nr_vmas) { ACCESS_PRIVATE(mm, __vma_count) += nr_vmas; }
+static inline void vma_count_add(struct mm_struct *mm, int nr_vmas) +{
VM_WARN_ON_ONCE(!vma_count_remaining(mm));
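Review bot: the assertion in the new vma_count_add() only checks that at least one slot is left, `VM_WARN_ON_ONCE(!vma_count_remaining(mm));`, but the helper takes an `int nr_vmas`, so a call that adds several VMAs at once can cross the limit by more than one without the warning firing; `VM_WARN_ON_ONCE(vma_count_remaining(mm) < nr_vmas)` would check what the commit message describes. Separately, since `vma_count_remaining()` is evaluated here rather than at the caller's own limit check, a change to sysctl_max_map_count from user space in between can make the warning fire without any kernel bug; if the patch is kept, the commit message should state that the check is best-effort and debug-only, and that false positives after a sysctl change are expected.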
Can't that fire when changing the max count from user space at just the wrong time?
You are right: technically it's possible if it was raised between the time of checking and when the new VMA is added.
I assume we'll have to tolerate that and might just want to drop this patch from the series.
It is compiled out in !CONFIG_VM_DEBUG builds, would we still want to drop it?
Thanks, Kalesh
-- Cheers
David / dhildenb