On 3/5/26 5:33 PM, Paolo Abeni wrote:
As noted by Micheal in the previous revision the above will
skb->truesize under accounting. That is not safe and at least need a
solid explaination, which is still missing.
I misunderstood Michael's v9 feedback as a variable naming issue and
only added a separate alloc_len to avoid clobbering len, without
actually propagating the real allocation size to truesize.
page_pool_alloc_va() can return more than requested when the remaining
page fragment is too small for another allocation. The small buffer path
ignores this and reconstructs buflen from constants in
receive_small_build_skb(), so build_skb() sets truesize based on the
requested size, not the actual allocation.
I'll fix this in v11 by encoding the actual allocation size in the ctx
pointer (similar to how the mergeable path uses mergeable_len_to_ctx)
so receive_small_build_skb() can pass the real buflen to build_skb().
/P
