2003-08-09 20:27:32

by Mika Penttilä

Subject: cryptoapi incorrect struct page usage

It seems that cryptoapi usage wrt mm is not safe. At least both ipsec
and cryptoloop practise these kinds of things:

example from net/xfrm/xfrm_algo.c

int
skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg, int offset,
	     int len)
{
	int start = skb_headlen(skb);
	int i, copy = start - offset;
	int elt = 0;

	if (copy > 0) {
		if (copy > len)
			copy = len;
		sg[elt].page = virt_to_page(skb->data + offset);
		sg[elt].offset = (unsigned long)(skb->data + offset) % PAGE_SIZE;
		sg[elt].length = copy;

so unpinned pages are passed to cryptoapi. Nothing prevents these pages
from being swapped out. Something like get_user_pages() is needed to pin
these pages for the duration of crypto operations. Comments?

--Mika



2003-08-09 20:36:43

by David Miller

Subject: Re: cryptoapi incorrect struct page usage

On Sat, 09 Aug 2003 23:33:52 +0300
Mika Penttilä <[email protected]> wrote:

> sg[elt].page = virt_to_page(skb->data + offset);
> sg[elt].offset = (unsigned long)(skb->data + offset) % PAGE_SIZE;
> sg[elt].length = copy;
>
> so unpinned pages are passed to cryptoapi. Nothing prevents these pages
> from being swapped out. Something like get_user_pages() is needed to pin
> these pages for the duration of crypto operations. Comments?

The page at skb->data was allocated by the skbuff allocation
layer, it has therefore a lifetime the size of the SKB itself.

The crypto API call is finished before we can possibly free up
the SKB, so nothing bad can happen.