> Subject: Re: [PATCH] RDMA/i40iw: Fix a mmap handler exploitation > > On Fri, Nov 20, 2020 at 11:56:36PM +0000, Saleem, Shiraz wrote: > > > Well, the push feature is disabled by default and today there will be > > no push page mmap from user-space since uresp.push_idx is an invalid > > one. Its disabled for good reason as its not working as expected. > > There is an option to turn it on via module param but that does not > > work as expected still resulting in an invalid uresp.push_idx passed > > to user-space and no mmap. > > > > So isn’t it better to just remove the push related code in the driver? > > which should also remove the manipulation on the vm_pgoff I believe. > > Yes, delete all the push code, module param, etc. Set the invalid push_idx, verify > vm_pgoff == 0 and hardwire the pfn to be a single BAR page. > > Can you send a patch soon? Yes.
