Convert AF_ALG to use iov_iter_extract_pages() instead of
iov_iter_get_pages(). This will pin pages or leave them unaltered rather
than getting a ref on them as appropriate to the iterator.
The pages need to be pinned for DIO-read rather than having refs taken on
them to prevent VM copy-on-write from malfunctioning during a concurrent
fork() (the result of the I/O would otherwise end up only visible to the
child process and not the parent).
Signed-off-by: David Howells <dhowells@xxxxxxxxxx>
cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
cc: linux-crypto@xxxxxxxxxxxxxxx
---
crypto/af_alg.c | 9 ++++++---
include/crypto/if_alg.h | 1 +
2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/crypto/af_alg.c b/crypto/af_alg.c
index 7a68db157fae..c99e09fce71f 100644
--- a/crypto/af_alg.c
+++ b/crypto/af_alg.c
@@ -534,15 +534,18 @@ static const struct net_proto_family alg_family = {
int af_alg_make_sg(struct af_alg_sgl *sgl, struct iov_iter *iter, int len,
unsigned int gup_flags)
{
+ struct page **pages = sgl->pages;
size_t off;
ssize_t n;
int npages, i;
- n = iov_iter_get_pages(iter, sgl->pages, len, ALG_MAX_PAGES, &off,
- gup_flags);
+ n = iov_iter_extract_pages(iter, &pages, len, ALG_MAX_PAGES,
+ gup_flags, &off);
if (n < 0)
return n;
+ sgl->cleanup_mode = iov_iter_extract_mode(iter, gup_flags);
+
npages = DIV_ROUND_UP(off + n, PAGE_SIZE);
if (WARN_ON(npages == 0))
return -EINVAL;
@@ -576,7 +579,7 @@ void af_alg_free_sg(struct af_alg_sgl *sgl)
int i;
for (i = 0; i < sgl->npages; i++)
- put_page(sgl->pages[i]);
+ page_put_unpin(sgl->pages[i], sgl->cleanup_mode);
}
EXPORT_SYMBOL_GPL(af_alg_free_sg);
diff --git a/include/crypto/if_alg.h b/include/crypto/if_alg.h
index 12058ab6cad9..95b3b7517d3f 100644
--- a/include/crypto/if_alg.h
+++ b/include/crypto/if_alg.h
@@ -61,6 +61,7 @@ struct af_alg_sgl {
struct scatterlist sg[ALG_MAX_PAGES + 1];
struct page *pages[ALG_MAX_PAGES];
unsigned int npages;
+ unsigned int cleanup_mode;
};
/* TX SGL entry */
