cryptoapi incorrect struct page usage

cryptoapi incorrect struct page usage

[Mika Penttilä]

It seems that cryptoapi usage wrt mm is not safe. At least both ipsec 
and cryptoloop practise these kinds of things :

example from net/xfrm/xfrm_algo.c

int
skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset, 
int len)
{
    int start = skb_headlen(skb);
    int i, copy = start - offset;
    int elt = 0;

    if (copy > 0) {
        if (copy > len)
            copy = len;
        sg[elt].page = virt_to_page(skb->data + offset);
        sg[elt].offset = (unsigned long)(skb->data + offset) % PAGE_SIZE;
        sg[elt].length = copy;



so unpinned pages are passed to cryptoapi. Nothing prevents these pages 
from being swapped out. Something like get_user_pages() is needed to pin 
these pages for the duration of crypto operations. Comments?

--Mika

Re: cryptoapi incorrect struct page usage

[David S. Miller]

On Sat, 09 Aug 2003 23:33:52 +0300
Mika Penttilä <mika.penttila@kolumbus.fi> wrote:

>         sg[elt].page = virt_to_page(skb->data + offset);
>         sg[elt].offset = (unsigned long)(skb->data + offset) % PAGE_SIZE;
>         sg[elt].length = copy;
> 
> so unpinned pages are passed to cryptoapi. Nothing prevents these pages 
> from being swapped out. Something like get_user_pages() is needed to pin 
> these pages for the duration of crypto operations. Comments?

The page at skb->data was allocated by the skbuff allocation
layer, it has therefore a lifetime the size of the SKB itself.

The crypto API call is finished before we can possibly free up
the SKB, so nothing bad can happen.