6.16-stable review patch. If anyone has any objections, please let me know.
------------------
From: Pavel Begunkov asml.silence@gmail.com
commit 262ab205180d2ba3ab6110899a4dbe439c51dfaa upstream.
zcrx areas can be quite large and need to be accounted and checked against RLIMIT_MEMLOCK. In practise it shouldn't be a big issue as the inteface already requires cap_net_admin.
Cc: stable@vger.kernel.org Fixes: cf96310c5f9a0 ("io_uring/zcrx: add io_zcrx_area") Signed-off-by: Pavel Begunkov asml.silence@gmail.com Link: https://lore.kernel.org/r/4b53f0c575bd062f63d12bec6cac98037fc66aeb.175269956... Signed-off-by: Jens Axboe axboe@kernel.dk Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- io_uring/zcrx.c | 29 ++++++++++++++++++++++++++++- io_uring/zcrx.h | 1 + 2 files changed, 29 insertions(+), 1 deletion(-)
--- a/io_uring/zcrx.c +++ b/io_uring/zcrx.c @@ -152,12 +152,29 @@ static int io_zcrx_map_area_dmabuf(struc return niov_idx; }
+static unsigned long io_count_account_pages(struct page **pages, unsigned nr_pages) +{ + struct folio *last_folio = NULL; + unsigned long res = 0; + int i; + + for (i = 0; i < nr_pages; i++) { + struct folio *folio = page_folio(pages[i]); + + if (folio == last_folio) + continue; + last_folio = folio; + res += 1UL << folio_order(folio); + } + return res; +} + static int io_import_umem(struct io_zcrx_ifq *ifq, struct io_zcrx_mem *mem, struct io_uring_zcrx_area_reg *area_reg) { struct page **pages; - int nr_pages; + int nr_pages, ret;
if (area_reg->dmabuf_fd) return -EINVAL; @@ -168,6 +185,13 @@ static int io_import_umem(struct io_zcrx if (IS_ERR(pages)) return PTR_ERR(pages);
+ mem->account_pages = io_count_account_pages(pages, nr_pages); + ret = io_account_mem(ifq->ctx, mem->account_pages); + if (ret < 0) { + mem->account_pages = 0; + return ret; + } + mem->pages = pages; mem->nr_folios = nr_pages; mem->size = area_reg->len; @@ -374,6 +398,9 @@ static void io_zcrx_free_area(struct io_ io_zcrx_unmap_area(area->ifq, area); io_release_area_mem(&area->mem);
+ if (area->mem.account_pages) + io_unaccount_mem(area->ifq->ctx, area->mem.account_pages); + kvfree(area->freelist); kvfree(area->nia.niovs); kvfree(area->user_refs); --- a/io_uring/zcrx.h +++ b/io_uring/zcrx.h @@ -14,6 +14,7 @@ struct io_zcrx_mem {
struct page **pages; unsigned long nr_folios; + unsigned long account_pages;
struct dma_buf_attachment *attach; struct dma_buf *dmabuf;