In Linux virtio-net driver's (drivers/net/virtio_net.c) big packets mode (vi->big_packets && vi->mergeable_rx_bufs), the buf pointer passed to receive_buf() is a struct page pointer, not a buffer pointer. The current code incorrectly casts this page pointer directly as a virtio_net_common_hdr, causing it to read flags from the page struct memory instead of the actual packet data.
Signed-off-by: Wen Xin <[email protected]> --- drivers/net/virtio_net.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c index 7646ddd9bef7..c10f5585bc88 100644 --- a/drivers/net/virtio_net.c +++ b/drivers/net/virtio_net.c @@ -2566,7 +2566,13 @@ static void receive_buf(struct virtnet_info *vi, struct receive_queue *rq, * virtnet_xdp_set()), so packets marked as * VIRTIO_NET_HDR_F_NEEDS_CSUM get dropped during XDP processing. */ - flags = ((struct virtio_net_common_hdr *)buf)->hdr.flags; + if (vi->big_packets && !vi->mergeable_rx_bufs) { + struct virtio_net_common_hdr *hdr = page_address((struct page *)buf); + + flags = hdr->hdr.flags; + } else { + flags = ((struct virtio_net_common_hdr *)buf)->hdr.flags; + } if (vi->mergeable_rx_bufs) skb = receive_mergeable(dev, vi, rq, buf, ctx, len, xdp_xmit, -- 2.39.5 (Apple Git-154)
