github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-08 22:52:35 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
4aaa233c79
linux/include
History
Willem de Bruijn f2a67e68db packet: copy user buffers before orphan or clone 
[ Upstream commit 5cd8d46ea1 ]

tpacket_snd sends packets with user pages linked into skb frags. It
notifies that pages can be reused when the skb is released by setting
skb->destructor to tpacket_destruct_skb.

This can cause data corruption if the skb is orphaned (e.g., on
transmit through veth) or cloned (e.g., on mirror to another psock).

Create a kernel-private copy of data in these cases, same as tun/tap
zerocopy transmission. Reuse that infrastructure: mark the skb as
SKBTX_ZEROCOPY_FRAG, which will trigger copy in skb_orphan_frags(_rx).

Unlike other zerocopy packets, do not set shinfo destructor_arg to
struct ubuf_info. tpacket_destruct_skb already uses that ptr to notify
when the original skb is released and a timestamp is recorded. Do not
change this timestamp behavior. The ubuf_info->callback is not needed
anyway, as no zerocopy notification is expected.

Mark destructor_arg as not-a-uarg by setting the lower bit to 1. The
resulting value is not a valid ubuf_info pointer, nor a valid
tpacket_snd frame address. Add skb_zcopy_.._nouarg helpers for this.

The fix relies on features introduced in commit 52267790ef ("sock:
add MSG_ZEROCOPY"), so can be backported as is only to 4.14.

Tested with from `./in_netns.sh ./txring_overwrite` from
http://github.com/wdebruij/kerneltools/tests

Fixes: 69e3c75f4d ("net: TX_RING and packet mmap")
Reported-by: Anand H. Krishnan <anandhkrishnan@gmail.com>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-12-05 19:31:58 +01:00
..
acpi
asm-generic vmlinux.lds.h: Fix linker warnings about orphan .LPBX sections 2018-10-12 08:55:29 +11:00
clocksource
crypto crypto: speck - remove Speck 2018-11-13 11:08:46 -08:00
drm drm: Get ref on CRTC commit object when waiting for flip_done 2018-10-18 14:23:13 -04:00
dt-bindings ARM: SoC: late updates 2018-08-25 14:12:36 -07:00
keys
kvm
linux packet: copy user buffers before orphan or clone 2018-12-05 19:31:58 +01:00
math-emu
media media: cec: fix the Signal Free Time calculation 2018-11-13 11:08:53 -08:00
memory
misc
net tcp: do not release socket ownership in tcp_close() 2018-12-01 09:37:28 +01:00
pcmcia pcmcia: remove long deprecated pcmcia_request_exclusive_irq() function 2018-08-18 12:30:42 -07:00
ras
rdma IB/rxe: Revise the ib_wr_opcode enum 2018-11-13 11:08:43 -08:00
scsi
soc soc: fsl: qbman: add APIs to retrieve the probing status 2018-09-27 15:43:35 -05:00
sound ASoC: Fixes for v4.19 2018-09-17 18:59:21 +02:00
target
trace RxRPC fixes 2018-10-10 22:27:38 -07:00
uapi Revert "netfilter: nft_numgen: add map lookups for numgen random operations" 2018-11-27 16:13:02 +01:00
video fbdev changes for v4.19: 2018-08-23 15:44:58 -07:00
xen CONFIG_XEN_PV breaks xen_create_contiguous_region on ARM 2018-11-21 09:19:28 +01:00