On Thu, Sep 10, 2020 at 12:56 AM Björn Töpel <bjorn.topel@xxxxxxxxx> wrote:
>
> From: Björn Töpel <bjorn.topel@xxxxxxxxx>
>
> For AF_XDP sockets, there was a discrepancy between the number of of
> pinned pages and the size of the umem region.
>
> The size of the umem region is used to validate the AF_XDP descriptor
> addresses. The logic that pinned the pages covered by the region only
> took whole pages into consideration, creating a mismatch between the
> size and pinned pages. A user could then pass AF_XDP addresses outside
> the range of pinned pages, but still within the size of the region,
> crashing the kernel.
>
> This change correctly calculates the number of pages to be
> pinned. Further, the size check for the aligned mode is
> simplified. Now the code simply checks if the size is divisible by the
> chunk size.
>
> Fixes: bbff2f321a86 ("xsk: new descriptor addressing scheme")
> Reported-by: Ciara Loftus <ciara.loftus@xxxxxxxxx>
> Signed-off-by: Björn Töpel <bjorn.topel@xxxxxxxxx>
Applied. Thanks
