On Mon, May 20, 2019 at 05:24:43PM +0300, Gal Pressman wrote: > >>> Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxxxx> > >>> drivers/infiniband/hw/efa/efa_verbs.c | 24 ------------------------ > >>> 1 file changed, 24 deletions(-) > >>> > >>> diff --git a/drivers/infiniband/hw/efa/efa_verbs.c b/drivers/infiniband/hw/efa/efa_verbs.c > >>> index 6d6886c9009f..4999a74cee24 100644 > >>> +++ b/drivers/infiniband/hw/efa/efa_verbs.c > >>> @@ -436,12 +436,6 @@ void efa_dealloc_pd(struct ib_pd *ibpd, struct ib_udata *udata) > >>> struct efa_dev *dev = to_edev(ibpd->device); > >>> struct efa_pd *pd = to_epd(ibpd); > >>> > >>> - if (udata->inlen && > >>> - !ib_is_udata_cleared(udata, 0, udata->inlen)) { > >>> - ibdev_dbg(&dev->ibdev, "Incompatible ABI params\n"); > >>> - return; > >>> - } Regardless of the issue of udata validity, these checks still cannot be here. We are moving the whole core to not return error codes from driver object destroy - because destroy is not allowed to fail in many flows. So, drivers do not have the option to validate the udata and fail destroy at this point. If it ever comes up, then we will need to split validation into another step on the uapi path that is done before invoking the actual destroy function. Generally speaking this means a driver should never use a classical udata for destroy. Instead its provider should call destroy via the new-style ioctl API and the kernel should define a proper schema that is checked before we even reach the driver. Jason