ANDROID: properly copy the scm_io_uring field in struct sk_buff

When moving the scm_io_uring field in struct sk_buff to preserve the kernel ABI, the variable also needs to be properly copied to a new sk_buff in the __copy_skb_header() function. Same thing needs to happen in wg_reset_packet() as the sk_buff is initialized there too. Bug: 259233216 Fixes: 16d4484281 ("ANDROID: fix up struct sk_buf ABI breakage") Reported-by: Will Deacon <willdeacon@google.com> Signed-off-by: Greg Kroah-Hartman <gregkh@google.com> Change-Id: I474ad43cc7de844281154d680c0557e769c10b22
2022-11-15 13:09:17 +00:00
parent 16d4484281
commit d9d889009b
3 changed files with 24 additions and 1 deletions
--- a/drivers/net/wireguard/queueing.h
+++ b/drivers/net/wireguard/queueing.h
@@ -82,6 +82,17 @@ static inline void wg_reset_packet(struct sk_buff *skb, bool encapsulating)
 	memset(&skb->headers_start, 0,
 	       offsetof(struct sk_buff, headers_end) -
 		       offsetof(struct sk_buff, headers_start));
+
+	/* ANDROID:
+	 * Due to attempts to keep the ABI stable for struct sk_buff, the new
+	 * fields were incorrectly added _AFTER_ the headers_end field, which
+	 * requires that we manually copy the fields here from the old to the
+	 * new one.
+	 * Be sure to add any new field that is added in the
+	 * ANDROID_KABI_REPLACE() macros below here as well.
+	 */
+	skb->scm_io_uring = 0;
+
 	if (encapsulating) {
 		skb->l4_hash = l4_hash;
 		skb->sw_hash = sw_hash;
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -977,6 +977,10 @@ struct sk_buff {
 	 * scm_io_uring is from 04df9719df18 ("io_uring/af_unix: defer
 	 * registered files gc to io_uring release")
 	 */
+	/* NOTE: due to these fields ending up after headers_end, we have to
+	 * manually copy them in the __copy_skb_header() call in skbuf.c.  Be
+	 * very aware of that if you change these fields.
+	 */
 	_ANDROID_KABI_REPLACE(_ANDROID_KABI_RESERVE(1),
 			 struct {
 				__u8 scm_io_uring:1;
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -1062,7 +1062,15 @@ static void __copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
 #ifdef CONFIG_NET_SCHED
 	CHECK_SKB_FIELD(tc_index);
 #endif
-
+	/* ANDROID:
+	 * Due to attempts to keep the ABI stable for struct sk_buff, the new
+	 * fields were incorrectly added _AFTER_ the headers_end field, which
+	 * requires that we manually copy the fields here from the old to the
+	 * new one.
+	 * Be sure to add any new field that is added in the
+	 * ANDROID_KABI_REPLACE() macros below here as well.
+	 */
+	new->scm_io_uring = old->scm_io_uring;
 }

 /*