Commit 58cd785d authored by Pavel Begunkov's avatar Pavel Begunkov Committed by Ziyang Xuan
Browse files

net: introduce __skb_fill_page_desc_noacc 

mainline inclusion
from mainline-v6.0-rc1
commit 84ce071e
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/I9LK5X
CVE: CVE-2022-48689

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=84ce071e38a6e25ea3ea91188e5482ac1f17b3af



--------------------------------

Managed pages contain pinned userspace pages and controlled by upper
layers, there is no need in tracking skb->pfmemalloc for them. Introduce
a helper for filling frags but ignoring page tracking, it'll be needed
later.

Signed-off-by: default avatarPavel Begunkov <asml.silence@gmail.com>
Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
Signed-off-by: default avatarZiyang Xuan <william.xuanziyang@huawei.com>
parent 7f3eaba5

include/linux/skbuff.h

+17 −11
Original line number Diff line number Diff line
@@ -2173,6 +2173,22 @@ static inline unsigned int skb_pagelen(const struct sk_buff *skb) 
	return skb_headlen(skb) + __skb_pagelen(skb);

}



static inline void __skb_fill_page_desc_noacc(struct skb_shared_info *shinfo,

					      int i, struct page *page,

					      int off, int size)

{

	skb_frag_t *frag = &shinfo->frags[i];



	/*

	 * Propagate page pfmemalloc to the skb if we can. The problem is

	 * that not all callers have unique ownership of the page but rely

	 * on page_is_pfmemalloc doing the right thing(tm).

	 */

	frag->bv_page		  = page;

	frag->bv_offset		  = off;

	skb_frag_size_set(frag, size);

}



/**

 * __skb_fill_page_desc - initialise a paged fragment in an skb

 * @skb: buffer containing fragment to be initialised
@@ -2189,17 +2205,7 @@ static inline unsigned int skb_pagelen(const struct sk_buff *skb) 
static inline void __skb_fill_page_desc(struct sk_buff *skb, int i,

					struct page *page, int off, int size)

{

	skb_frag_t *frag = &skb_shinfo(skb)->frags[i];



	/*

	 * Propagate page pfmemalloc to the skb if we can. The problem is

	 * that not all callers have unique ownership of the page but rely

	 * on page_is_pfmemalloc doing the right thing(tm).

	 */

	frag->bv_page		  = page;

	frag->bv_offset		  = off;

	skb_frag_size_set(frag, size);



	__skb_fill_page_desc_noacc(skb_shinfo(skb), i, page, off, size);

	page = compound_head(page);

	if (page_is_pfmemalloc(page))

		skb->pfmemalloc	= true;