From: Eli Cohen <eli@dev.mellanox.co.il>
Date: Wed, 15 Jan 2014 12:56:44 +0000 (+0200)
Subject: IB/mlx5: Verify reserved fields are cleared
X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=57761d8df8efc7cc1227f9bc22e0dda01b0dd91b;p=linux-beck.git

IB/mlx5: Verify reserved fields are cleared

Verify that reserved fields in struct mlx5_ib_resize_cq are cleared
before continuing execution of the verb. This is required to allow
making use of this area in future revisions.

Signed-off-by: Yann Droneaud <ydroneaud@opteya.com>
Signed-off-by: Eli Cohen <eli@mellanox.com>
Signed-off-by: Roland Dreier <roland@purestorage.com>
---

diff --git a/drivers/infiniband/hw/mlx5/cq.c b/drivers/infiniband/hw/mlx5/cq.c
index 50b03a8067e5..b1705ce6eb88 100644
--- a/drivers/infiniband/hw/mlx5/cq.c
+++ b/drivers/infiniband/hw/mlx5/cq.c
@@ -877,8 +877,12 @@ static int resize_user(struct mlx5_ib_dev *dev, struct mlx5_ib_cq *cq,
 	int npages;
 	struct ib_ucontext *context = cq->buf.umem->context;
 
-	if (ib_copy_from_udata(&ucmd, udata, sizeof(ucmd)))
-		return -EFAULT;
+	err = ib_copy_from_udata(&ucmd, udata, sizeof(ucmd));
+	if (err)
+		return err;
+
+	if (ucmd.reserved0 || ucmd.reserved1)
+		return -EINVAL;
 
 	umem = ib_umem_get(context, ucmd.buf_addr, entries * ucmd.cqe_size,
 			   IB_ACCESS_LOCAL_WRITE, 1);