From a168a41c8147fe644f1144031a6ec27a1a13fe37 Mon Sep 17 00:00:00 2001 From: Majd Dibbiny Date: Thu, 28 Jan 2016 17:51:47 +0200 Subject: IB/mlx5: Fix reqlen validation in mlx5_ib_alloc_ucontext Older libraries that don't have all the new req_v2 fields should be able to work as well. Today, if the library uses v2, it will fail to allocate context since the size of reqlen is smaller than the req_v2 size. Fix the validation to be with the original req_v2 size and not the current. Fixes: f72300c56c3b ('IB/mlx5: Expose CQE version to user-space') Signed-off-by: Majd Dibbiny Signed-off-by: Doug Ledford --- drivers/infiniband/hw/mlx5/main.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'drivers/infiniband/hw/mlx5/main.c') diff --git a/drivers/infiniband/hw/mlx5/main.c b/drivers/infiniband/hw/mlx5/main.c index 6f67412c1296..03c418ccbc98 100644 --- a/drivers/infiniband/hw/mlx5/main.c +++ b/drivers/infiniband/hw/mlx5/main.c @@ -844,6 +844,8 @@ static struct ib_ucontext *mlx5_ib_alloc_ucontext(struct ib_device *ibdev, int err; int i; size_t reqlen; + size_t min_req_v2 = offsetof(struct mlx5_ib_alloc_ucontext_req_v2, + max_cqe_version); if (!dev->ib_active) return ERR_PTR(-EAGAIN); @@ -854,7 +856,7 @@ static struct ib_ucontext *mlx5_ib_alloc_ucontext(struct ib_device *ibdev, reqlen = udata->inlen - sizeof(struct ib_uverbs_cmd_hdr); if (reqlen == sizeof(struct mlx5_ib_alloc_ucontext_req)) ver = 0; - else if (reqlen >= sizeof(struct mlx5_ib_alloc_ucontext_req_v2)) + else if (reqlen >= min_req_v2) ver = 2; else return ERR_PTR(-EINVAL); -- cgit v1.2.3-59-g8ed1b