git.kernel.dk Git - linux-2.6-block.git/commit

author	Alexander Lobakin <aleksander.lobakin@intel.com>
	Thu, 15 Feb 2024 11:39:05 +0000 (12:39 +0100)
committer	Jakub Kicinski <kuba@kernel.org>
	Mon, 19 Feb 2024 19:48:00 +0000 (11:48 -0800)
commit	56ef27e3abe6d6453b1f4f6127041f3a65d7cbc9
tree	4a0ffd10e40a1afcc6d41ab566b4d87ed1dc3809	tree \| snapshot
parent	5983e5df86303564f0968e6e4108ca08e00828ee	commit \| diff

page_pool: disable direct recycling based on pool->cpuid on destroy

Now that direct recycling is performed basing on pool->cpuid when set,
memory leaks are possible:

1. A pool is destroyed.
2. Alloc cache is emptied (it's done only once).
3. pool->cpuid is still set.
4. napi_pp_put_page() does direct recycling basing on pool->cpuid.
5. Now alloc cache is not empty, but it won't ever be freed.

In order to avoid that, rewrite pool->cpuid to -1 when unlinking NAPI to
make sure no direct recycling will be possible after emptying the cache.
This involves a bit of overhead as pool->cpuid now must be accessed
via READ_ONCE() to avoid partial reads.
Rename page_pool_unlink_napi() -> page_pool_disable_direct_recycling()
to reflect what it actually does and unexport it.

Signed-off-by: Alexander Lobakin <aleksander.lobakin@intel.com>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20240215113905.96817-1-aleksander.lobakin@intel.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

include/net/page_pool/types.h		diff \| blob \| blame \| history
net/core/page_pool.c		diff \| blob \| blame \| history
net/core/skbuff.c		diff \| blob \| blame \| history