| Message ID | bf1a276ec28a2a0e6b94b43eec3975e64d1c63ae.1531479681.git.sbrivio@redhat.com |
|---|---|
| State | Accepted, archived |
| Delegated to: | David Miller |
| Headers | show |
| Series | [net] skbuff: Unconditionally copy pfmemalloc in __skb_clone() | expand |
2018-07-13, 13:21:07 +0200, Stefano Brivio wrote: > Commit 8b7008620b84 ("net: Don't copy pfmemalloc flag in > __copy_skb_header()") introduced a different handling for the > pfmemalloc flag in copy and clone paths. > > In __skb_clone(), now, the flag is set only if it was set in the > original skb, but not cleared if it wasn't. This is wrong and > might lead to socket buffers being flagged with pfmemalloc even > if the skb data wasn't allocated from pfmemalloc reserves. Copy > the flag instead of ORing it. > > Reported-by: Sabrina Dubroca <sd@queasysnail.net> > Fixes: 8b7008620b84 ("net: Don't copy pfmemalloc flag in __copy_skb_header()") > Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Thanks, Tested-by: Sabrina Dubroca <sd@queasysnail.net>
From: Stefano Brivio <sbrivio@redhat.com> Date: Fri, 13 Jul 2018 13:21:07 +0200 > Commit 8b7008620b84 ("net: Don't copy pfmemalloc flag in > __copy_skb_header()") introduced a different handling for the > pfmemalloc flag in copy and clone paths. > > In __skb_clone(), now, the flag is set only if it was set in the > original skb, but not cleared if it wasn't. This is wrong and > might lead to socket buffers being flagged with pfmemalloc even > if the skb data wasn't allocated from pfmemalloc reserves. Copy > the flag instead of ORing it. > > Reported-by: Sabrina Dubroca <sd@queasysnail.net> > Fixes: 8b7008620b84 ("net: Don't copy pfmemalloc flag in __copy_skb_header()") > Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Applied.
diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 4df3164bb5fc..8e51f8555e11 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -858,8 +858,7 @@ static struct sk_buff *__skb_clone(struct sk_buff *n, struct sk_buff *skb) n->cloned = 1; n->nohdr = 0; n->peeked = 0; - if (skb->pfmemalloc) - n->pfmemalloc = 1; + C(pfmemalloc); n->destructor = NULL; C(tail); C(end);
Commit 8b7008620b84 ("net: Don't copy pfmemalloc flag in __copy_skb_header()") introduced a different handling for the pfmemalloc flag in copy and clone paths. In __skb_clone(), now, the flag is set only if it was set in the original skb, but not cleared if it wasn't. This is wrong and might lead to socket buffers being flagged with pfmemalloc even if the skb data wasn't allocated from pfmemalloc reserves. Copy the flag instead of ORing it. Reported-by: Sabrina Dubroca <sd@queasysnail.net> Fixes: 8b7008620b84 ("net: Don't copy pfmemalloc flag in __copy_skb_header()") Signed-off-by: Stefano Brivio <sbrivio@redhat.com> --- net/core/skbuff.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-)