Txn IDs created up to INT_MAX cause overflow while storing
the IDs in u16 type supported by QMI header.
Limit the txn IDs max value to U16_MAX to avoid overflow.
Signed-off-by: Arun Kumar Neelakantam <aneela@xxxxxxxxxxxxxx>
---
drivers/soc/qcom/qmi_interface.c | 2 +-
include/linux/soc/qcom/qmi.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/soc/qcom/qmi_interface.c b/drivers/soc/qcom/qmi_interface.c
index 938ca41c..c239a28 100644
--- a/drivers/soc/qcom/qmi_interface.c
+++ b/drivers/soc/qcom/qmi_interface.c
@@ -318,7 +318,7 @@ int qmi_txn_init(struct qmi_handle *qmi, struct qmi_txn *txn,
txn->dest = c_struct;
mutex_lock(&qmi->txn_lock);
- ret = idr_alloc_cyclic(&qmi->txns, txn, 0, INT_MAX, GFP_KERNEL);
+ ret = idr_alloc_cyclic(&qmi->txns, txn, 0, U16_MAX, GFP_KERNEL);
if (ret < 0)
pr_err("failed to allocate transaction id\n");
diff --git a/include/linux/soc/qcom/qmi.h b/include/linux/soc/qcom/qmi.h
index f4de336..5efa2b6 100644
--- a/include/linux/soc/qcom/qmi.h
+++ b/include/linux/soc/qcom/qmi.h
@@ -166,7 +166,7 @@ struct qmi_ops {
struct qmi_txn {
struct qmi_handle *qmi;
- int id;
+ u16 id;
struct mutex lock;
struct completion completion;
--
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project
