kernel: add fix for a page pool related crash on GRO

Needed for upcoming mt76 page pool support Signed-off-by: Felix Fietkau <nbd@nbd.name>
2024-12-12 01:44:54 +00:00 · 2023-01-26 20:44:21 +01:00 · 2023-01-26 20:44:21 +01:00 · 2770cbe63f
commit 2770cbe63f
parent 638283d481
2 changed files with 70 additions and 0 deletions
--- a/target/linux/generic/pending-5.10/750-skb-Do-mix-page-pool-and-page-referenced-frags-in-GR.patch
+++ b/target/linux/generic/pending-5.10/750-skb-Do-mix-page-pool-and-page-referenced-frags-in-GR.patch
@ -0,0 +1,35 @@
+From: Alexander Duyck <alexanderduyck@fb.com>
+Date: Thu, 26 Jan 2023 11:06:59 -0800
+Subject: [PATCH] skb: Do mix page pool and page referenced frags in GRO
+
+GSO should not merge page pool recycled frames with standard reference
+counted frames. Traditionally this didn't occur, at least not often.
+However as we start looking at adding support for wireless adapters there
+becomes the potential to mix the two due to A-MSDU repartitioning frames in
+the receive path. There are possibly other places where this may have
+occurred however I suspect they must be few and far between as we have not
+seen this issue until now.
+
+Fixes: 53e0961da1c7 ("page_pool: add frag page recycling support in page pool")
+Reported-by: Felix Fietkau <nbd@nbd.name>
+Signed-off-by: Alexander Duyck <alexanderduyck@fb.com>
+---
+
+--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
+@@ -4166,6 +4166,15 @@ int skb_gro_receive(struct sk_buff *p, s
+ 	if (unlikely(p->len + len >= 65536 || NAPI_GRO_CB(skb)->flush))
+ 		return -E2BIG;
+ 
+	/* Do not splice page pool based packets w/ non-page pool
+	 * packets. This can result in reference count issues as page
+	 * pool pages will not decrement the reference count and will
+	 * instead be immediately returned to the pool or have frag
+	 * count decremented.
+	 */
+	if (p->pp_recycle != skb->pp_recycle)
+		return -ETOOMANYREFS;
+
+ 	lp = NAPI_GRO_CB(p)->last;
+ 	pinfo = skb_shinfo(lp);
+ 
--- a/target/linux/generic/pending-5.15/750-skb-Do-mix-page-pool-and-page-referenced-frags-in-GR.patch
+++ b/target/linux/generic/pending-5.15/750-skb-Do-mix-page-pool-and-page-referenced-frags-in-GR.patch
@ -0,0 +1,35 @@
+From: Alexander Duyck <alexanderduyck@fb.com>
+Date: Thu, 26 Jan 2023 11:06:59 -0800
+Subject: [PATCH] skb: Do mix page pool and page referenced frags in GRO
+
+GSO should not merge page pool recycled frames with standard reference
+counted frames. Traditionally this didn't occur, at least not often.
+However as we start looking at adding support for wireless adapters there
+becomes the potential to mix the two due to A-MSDU repartitioning frames in
+the receive path. There are possibly other places where this may have
+occurred however I suspect they must be few and far between as we have not
+seen this issue until now.
+
+Fixes: 53e0961da1c7 ("page_pool: add frag page recycling support in page pool")
+Reported-by: Felix Fietkau <nbd@nbd.name>
+Signed-off-by: Alexander Duyck <alexanderduyck@fb.com>
+---
+
+--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
+@@ -4348,6 +4348,15 @@ int skb_gro_receive(struct sk_buff *p, s
+ 	if (unlikely(p->len + len >= 65536 || NAPI_GRO_CB(skb)->flush))
+ 		return -E2BIG;
+ 
+	/* Do not splice page pool based packets w/ non-page pool
+	 * packets. This can result in reference count issues as page
+	 * pool pages will not decrement the reference count and will
+	 * instead be immediately returned to the pool or have frag
+	 * count decremented.
+	 */
+	if (p->pp_recycle != skb->pp_recycle)
+		return -ETOOMANYREFS;
+
+ 	lp = NAPI_GRO_CB(p)->last;
+ 	pinfo = skb_shinfo(lp);
+