Commit c4418f34 authored by Maxim Mikityanskiy's avatar Maxim Mikityanskiy Committed by Jakub Kicinski

net/mlx5: Add MLX5_FLEXIBLE_INLEN to safely calculate cmd inlen

Some commands use a flexible array after a common header. Add a macro to
safely calculate the total input length of the command, detecting
overflows and printing errors with specific values when such overflows
happen.
Signed-off-by: default avatarMaxim Mikityanskiy <maximmi@nvidia.com>
Reviewed-by: default avatarTariq Toukan <tariqt@nvidia.com>
Signed-off-by: default avatarSaeed Mahameed <saeedm@nvidia.com>
Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parent ecc7ad2e
...@@ -143,6 +143,36 @@ enum mlx5_semaphore_space_address { ...@@ -143,6 +143,36 @@ enum mlx5_semaphore_space_address {
#define MLX5_DEFAULT_PROF 2 #define MLX5_DEFAULT_PROF 2
static inline int mlx5_flexible_inlen(struct mlx5_core_dev *dev, size_t fixed,
size_t item_size, size_t num_items,
const char *func, int line)
{
int inlen;
if (fixed > INT_MAX || item_size > INT_MAX || num_items > INT_MAX) {
mlx5_core_err(dev, "%s: %s:%d: input values too big: %zu + %zu * %zu\n",
__func__, func, line, fixed, item_size, num_items);
return -ENOMEM;
}
if (check_mul_overflow((int)item_size, (int)num_items, &inlen)) {
mlx5_core_err(dev, "%s: %s:%d: multiplication overflow: %zu + %zu * %zu\n",
__func__, func, line, fixed, item_size, num_items);
return -ENOMEM;
}
if (check_add_overflow((int)fixed, inlen, &inlen)) {
mlx5_core_err(dev, "%s: %s:%d: addition overflow: %zu + %zu * %zu\n",
__func__, func, line, fixed, item_size, num_items);
return -ENOMEM;
}
return inlen;
}
#define MLX5_FLEXIBLE_INLEN(dev, fixed, item_size, num_items) \
mlx5_flexible_inlen(dev, fixed, item_size, num_items, __func__, __LINE__)
int mlx5_query_hca_caps(struct mlx5_core_dev *dev); int mlx5_query_hca_caps(struct mlx5_core_dev *dev);
int mlx5_query_board_id(struct mlx5_core_dev *dev); int mlx5_query_board_id(struct mlx5_core_dev *dev);
int mlx5_cmd_init(struct mlx5_core_dev *dev); int mlx5_cmd_init(struct mlx5_core_dev *dev);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment