> Um, how is uapi compatibility achieved here? I don't see any size
> tests related to qedr_alloc_ucontext_resp:
>
> struct ib_ucontext *qedr_alloc_ucontext(struct ib_device *ibdev,
> struct ib_udata *udata)
> {
> struct qedr_alloc_ucontext_resp uresp;
> rc = ib_copy_to_udata(udata, &uresp, sizeof(uresp));
>
> Seems bad.
>
> Same with the other patch.
>
> Jason
It does seem bad. Did you had in mind something like this:
struct qedr_alloc_ucontext_resp uresp;
size_t copy_size = min_t(size_t, sizeof(uresp), udata->outlen);
rc = ib_copy_to_udata(udata, &uresp, copy_size);
If so, it makes sense to me to protect everybody's transactions.
I.e.:
static inline int ib_copy_to_udata(struct ib_udata *udata, void *src, size_t len)
{
size_t copy_size = min_t(size_t, sizeof(uresp), udata->outlen);
return copy_to_user(udata->outbuf, src, copy_size) ? -EFAULT : 0;
}
Likewise, a protection can be added for ib_copy_from_udata() too.
Let me know if I'm missing something. If not, I'll send a patch.
Thanks,
Ram
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
