> Subject: [PATCH] RDMA/i40iw: Do not manipulate VMA attributes in > i40iw_mmap and remove push mode > > i40iw_mmap manipulates the vma->vm_pgoff to differentiate a push page > mmap vs a doorbell mmap, and uses it to compute the pfn in remap_pfn_range > without any validation. This is vulnerable to exploits as in [1]. > > Push feature is disabled in the driver currently and therefore no push mmaps > are issued from user-space. The feature does not work as expected in x722. So > remove it along with the VMA attribute manipulations for it in the i40iw_mmap. > > Update i40iw_mmap to only allow DB user mmapings at offset = 0. > Check vm_pgoff for zero and if the mmaps are bound to a single page. > > [1] https://lore.kernel.org/linux-rdma/20201119093523.7588-1- > zhudi21@xxxxxxxxxx/raw > > Fixes: cd374984179 ("i40iw: add files for iwarp interface") > Signed-off-by: Shiraz Saleem <shiraz.saleem@xxxxxxxxx> > --- Please ignore this patch. It was accidentally sent out. Shiraz
