On Tue, Jun 20, 2017 at 01:41:04PM +0300, Leon Romanovsky wrote:
> On Tue, Jun 20, 2017 at 08:34:24AM +0000, Amrani, Ram wrote:
> > > Um, how is uapi compatibility achieved here? I don't see any size
> > > tests related to qedr_alloc_ucontext_resp:
> > >
> > > struct ib_ucontext *qedr_alloc_ucontext(struct ib_device *ibdev,
> > > struct ib_udata *udata)
> > > {
> > > struct qedr_alloc_ucontext_resp uresp;
> > > rc = ib_copy_to_udata(udata, &uresp, sizeof(uresp));
> > >
> > > Seems bad.
> > >
> > > Same with the other patch.
> > >
> > > Jason
> >
> > It does seem bad. Did you had in mind something like this:
> > struct qedr_alloc_ucontext_resp uresp;
> > size_t copy_size = min_t(size_t, sizeof(uresp), udata->outlen);
> >
> > rc = ib_copy_to_udata(udata, &uresp, copy_size);
> >
> > If so, it makes sense to me to protect everybody's transactions.
> > I.e.:
> > static inline int ib_copy_to_udata(struct ib_udata *udata, void *src, size_t len)
> > {
> > size_t copy_size = min_t(size_t, sizeof(uresp), udata->outlen);
> > return copy_to_user(udata->outbuf, src, copy_size) ? -EFAULT : 0;
> > }
> >
> > Likewise, a protection can be added for ib_copy_from_udata() too.
>
> mlx4 and mlx5 don't need such protection, because they calculates the
> response length and ensure that no extra data is copied.
so you need to to whatever mlx4/5 do, and if we have some code
duplication then maybe a new ib_copy_to_udate_ex function is sensible.
Jason
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
