FAILED: patch "[PATCH] cxl/mbox: Fix missing variable payload checks in cmd size" failed to apply to 5.18-stable tree

<gregkh@xxxxxxxxxxxxxxxxxxx> · Sat, 09 Jul 2022 10:16:55 +0200

The patch below does not apply to the 5.18-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable@xxxxxxxxxxxxxxx>.

thanks,

greg k-h

------------------ original commit in Linus's tree ------------------

>From e35f5718903b093be4b1d3833aa8a32f864a3ef1 Mon Sep 17 00:00:00 2001
From: Vishal Verma <vishal.l.verma@xxxxxxxxx>
Date: Tue, 28 Jun 2022 16:01:09 -0600
Subject: [PATCH] cxl/mbox: Fix missing variable payload checks in cmd size
 validation

The conversion of command sizes to unsigned missed a couple of checks
against variable size payloads during command validation, which made all
variable payload commands unconditionally fail. Add the checks back using
the new CXL_VARIABLE_PAYLOAD scheme.

Fixes: 26f89535a5bb ("cxl/mbox: Use type __u32 for mailbox payload sizes")
Cc: <stable@xxxxxxxxxxxxxxx>
Cc: Ira Weiny <ira.weiny@xxxxxxxxx>
Cc: Dan Williams <dan.j.williams@xxxxxxxxx>
Cc: Alison Schofield <alison.schofield@xxxxxxxxx>
Reported-by: Abhi Cs <abhi.cs@xxxxxxxxx>
Reviewed-by: Dan Williams <dan.j.williams@xxxxxxxxx>
Reviewed-by: Alison Schofield <alison.schofield@xxxxxxxxx>
Signed-off-by: Vishal Verma <vishal.l.verma@xxxxxxxxx>
Link: https://lore.kernel.org/r/20220628220109.633564-1-vishal.l.verma@xxxxxxxxx
Signed-off-by: Dan Williams <dan.j.williams@xxxxxxxxx>

diff --git a/drivers/cxl/core/mbox.c b/drivers/cxl/core/mbox.c
index 54f434733b56..cbf23beebebe 100644
--- a/drivers/cxl/core/mbox.c
+++ b/drivers/cxl/core/mbox.c
@@ -355,11 +355,13 @@ static int cxl_to_mem_cmd(struct cxl_mem_command *mem_cmd,
 		return -EBUSY;
 
 	/* Check the input buffer is the expected size */
-	if (info->size_in != send_cmd->in.size)
+	if ((info->size_in != CXL_VARIABLE_PAYLOAD) &&
+	    (info->size_in != send_cmd->in.size))
 		return -ENOMEM;
 
 	/* Check the output buffer is at least large enough */
-	if (send_cmd->out.size < info->size_out)
+	if ((info->size_out != CXL_VARIABLE_PAYLOAD) &&
+	    (send_cmd->out.size < info->size_out))
 		return -ENOMEM;
 
 	*mem_cmd = (struct cxl_mem_command) {







