Don't allow installing UMEM on queue IDs higher than real_num_rx_queues.
Note that the check in xsk_bind() is advisory at most, since it's done
without rtnl. Besides from driver's perspective the UMEM queue ID really
only relates to RX queues. TX real_num_tx_queues queues the driver
exposes are for SKBs. AF_XDP zero-copy TX will most likely use separate
rings much like XDP_TX does. So the AF_XDP's concept of queue indexes
only relates to RX queues at driver level.
Signed-off-by: Jakub Kicinski <jakub.kicin...@netronome.com>
Reviewed-by: Quentin Monnet <quentin.mon...@netronome.com>
---
net/xdp/xdp_umem.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/xdp/xdp_umem.c b/net/xdp/xdp_umem.c
index 911ca6d3cb5a..8139a2c5c5ed 100644
--- a/net/xdp/xdp_umem.c
+++ b/net/xdp/xdp_umem.c
@@ -79,6 +79,11 @@ int xdp_umem_assign_dev(struct xdp_umem *umem, struct
net_device *dev,
bpf.command = XDP_QUERY_XSK_UMEM;
rtnl_lock();
+ if (queue_id >= dev->real_num_rx_queues) {
+ err = -EINVAL;
+ goto err_rtnl_unlock;
+ }
+
err = xdp_umem_query(dev, queue_id);
if (err) {
err = err < 0 ? -ENOTSUPP : -EBUSY;
--
2.17.1
