Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

RDMA/mana_ib: Use safer allocation function() 

My static checker says this multiplication can overflow.  I'm not an
expert in this code but the call tree would be:

ib_uverbs_handler_UVERBS_METHOD_QP_CREATE() <- reads cap from the user
-> ib_create_qp_user()
   -> create_qp()
      -> mana_ib_create_qp()
         -> mana_ib_create_ud_qp()
            -> create_shadow_queue()

It can't hurt to use safer interfaces.

Fixes: c8017f5b48 ("RDMA/mana_ib: UD/GSI work requests")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Link: https://patch.msgid.link/58439ac0-1ee5-4f96-a595-7ab83b59139b@stanley.mountain
Reviewed-by: Long Li <longli@microsoft.com>
Signed-off-by: Leon Romanovsky <leon@kernel.org>
This commit is contained in:
Dan Carpenter 2025-03-06 22:49:06 +03:00 committed by Leon Romanovsky
parent 98cf1d1a17
commit 1d5c69514e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
drivers/infiniband/hw/mana/shadow_queue.h
View File

@ -40,7 +40,7 @@ struct shadow_queue {
static inline int create_shadow_queue(struct shadow_queue *queue, uint32_t length, uint32_t stride) static inline int create_shadow_queue(struct shadow_queue *queue, uint32_t length, uint32_t stride)
{ {
queue->buffer = kvmalloc(length * stride, GFP_KERNEL); queue->buffer = kvmalloc_array(length, stride, GFP_KERNEL);
if (!queue->buffer) if (!queue->buffer)
return -ENOMEM; return -ENOMEM;