On 6/21/25 4:49 PM, Bui Quang Minh wrote:
> When calling buf_to_xdp, the len argument is the frame data's length
> without virtio header's length (vi->hdr_len). We check that len with
>
> xsk_pool_get_rx_frame_size() + vi->hdr_len
>
> to ensure the provided len does not larger than the allocated chunk
> size. The additional vi->hdr_len is because in virtnet_add_recvbuf_xsk,
> we use part of XDP_PACKET_HEADROOM for virtio header and ask the vhost
> to start placing data from
>
> hard_start + XDP_PACKET_HEADROOM - vi->hdr_len
> not
> hard_start + XDP_PACKET_HEADROOM
>
> But the first buffer has virtio_header, so the maximum frame's length in
> the first buffer can only be
>
> xsk_pool_get_rx_frame_size()
> not
> xsk_pool_get_rx_frame_size() + vi->hdr_len
>
> like in the current check.
>
> This commit adds an additional argument to buf_to_xdp differentiate
> between the first buffer and other ones to correctly calculate the maximum
> frame's length.
>
> Fixes: a4e7ba702701 ("virtio_net: xsk: rx: support recv small mode")
It looks like the checks in the blamed commit above are correct and the
bug has been added with commit 99c861b44eb1f ("virtio_net: xsk: rx:
support recv merge mode")???
/P
