Tree - kernel/kernel-source - Pagure for openSUSE

kernel / kernel-source

Source
Stats

Files

Commit: a99b602ac2b8c237ced40a4769f19ed10f16288a

Blob Blame History Raw

From: Dennis Dalessandro <dennis.dalessandro@intel.com>
Date: Mon, 29 May 2017 17:19:21 -0700
Subject: IB/hfi1: Use QPN mask to avoid overflow
Patch-mainline: v4.14-rc1
Git-commit: 6c31e5283cb06b81a13cc88da2f2ad3db594a935
References: bsc#1060463 FATE#323043

Ensure we can't come up with an array size that is bigger than the array
by applying the QPN mask before the divide in the free_qpn function.

Reviewed-by: Michael J. Ruhl <michael.j.ruhl@intel.com>
Signed-off-by: Dennis Dalessandro <dennis.dalessandro@intel.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
Acked-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
---
 drivers/infiniband/sw/rdmavt/qp.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/drivers/infiniband/sw/rdmavt/qp.c
+++ b/drivers/infiniband/sw/rdmavt/qp.c
@@ -644,7 +644,7 @@ static void rvt_free_qpn(struct rvt_qpn_
 {
 	struct rvt_qpn_map *map;
 
-	map = qpt->map + qpn / RVT_BITS_PER_PAGE;
+	map = qpt->map + (qpn & RVT_QPN_MASK) / RVT_BITS_PER_PAGE;
 	if (map->page)
 		clear_bit(qpn & RVT_BITS_PER_PAGE_MASK, map->page);
 }

kernel / kernel-source

Source Code

Files