cryptoapi incorrect struct page usage

From: Mika Penttilä (mika.penttila@kolumbus.fi)
Date: Sat Aug 09 2003 - 15:30:35 EST


It seems that cryptoapi usage wrt mm is not safe. At least both ipsec and cryptoloop practise these kinds of things :

example from net/xfrm/xfrm_algo.c

int
skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset, int len)
{
int start = skb_headlen(skb);
int i, copy = start - offset;
int elt = 0;

if (copy > 0) {
if (copy > len)
copy = len;
sg[elt].page = virt_to_page(skb->data + offset);
sg[elt].offset = (unsigned long)(skb->data + offset) % PAGE_SIZE;
sg[elt].length = copy;



so unpinned pages are passed to cryptoapi. Nothing prevents these pages from being swapped out. Something like get_user_pages() is needed to pin these pages for the duration of crypto operations. Comments?

--Mika


-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html