On Thu, Oct 26, 2017 at 5:15 AM, Jason Wang <jasow...@redhat.com> wrote:
> An unaligned alloc_frag->offset caused by previous allocation will
> result an unaligned skb->head. This will lead unaligned
> skb_shared_info and then unaligned dataref which requires to be
> aligned for accessing on some architecture. Fix this by aligning
> alloc_frag->offset before the frag refilling.
>
> Fixes: 0bbd7dad34f8 ("tun: make tun_build_skb() thread safe")
> Cc: Eric Dumazet <eduma...@google.com>
> Cc: Willem de Bruijn <willemdebruijn.ker...@gmail.com>
> Cc: Wei Wei <dotwe...@gmail.com>
> Cc: Dmitry Vyukov <dvyu...@google.com>
> Cc: Mark Rutland <mark.rutl...@arm.com>
> Reported-by: Wei Wei <dotwe...@gmail.com>
> Signed-off-by: Jason Wang <jasow...@redhat.com>
> ---
> - The patch is needed for -stable.
> - Wei, can you try this patch to see if it solves your issue?
> ---
> drivers/net/tun.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/net/tun.c b/drivers/net/tun.c
> index b9973fb..60e44f2 100644
> --- a/drivers/net/tun.c
> +++ b/drivers/net/tun.c
> @@ -1286,6 +1286,7 @@ static struct sk_buff *tun_build_skb(struct tun_struct
> *tun,
> buflen += SKB_DATA_ALIGN(len + pad);
> rcu_read_unlock();
>
> + alloc_frag->offset = ALIGN((u64)alloc_frag->offset, TUN_RX_PAD);
You have to align to one cache line (SMP_CACHE_BYTES), or SKB_DATA_ALIGN(1)
Then eventually use skb_reserve() for NET_IP_ALIGN, but I guess it is
already done.
