AuxXxilium/linux_dsm_epyc7002
1
0
Fork 0
mirror of https://github.com/AuxXxilium/linux_dsm_epyc7002.git synced 2025-01-13 14:46:33 +07:00
Code Issues Actions Packages Projects Releases Wiki Activity
27f2d59a4a
linux_dsm_epyc7002/drivers/infiniband/hw
History
Wenpeng Liang 27f2d59a4a RDMA/hns: Limit the length of data copied between kernel and userspace 
[ Upstream commit 1c0ca9cd1741687f529498ddb899805fc2c51caa ]

For ib_copy_from_user(), the length of udata may not be the same as that
of cmd. For ib_copy_to_user(), the length of udata may not be the same as
that of resp. So limit the length to prevent out-of-bounds read and write
operations from ib_copy_from_user() and ib_copy_to_user().

Fixes: de77503a59 ("RDMA/hns: RDMA/hns: Assign rq head pointer when enable rq record db")
Fixes: 633fb4d9fd ("RDMA/hns: Use structs to describe the uABI instead of opencoding")
Fixes: ae85bf92ef ("RDMA/hns: Optimize qp param setup flow")
Fixes: 6fd610c573 ("RDMA/hns: Support 0 hop addressing for SRQ buffer")
Fixes: 9d9d4ff788 ("RDMA/hns: Update the kernel header file of hns")
Link: https://lore.kernel.org/r/1607650657-35992-2-git-send-email-liweihang@huawei.com
Signed-off-by: Wenpeng Liang <liangwenpeng@huawei.com>
Signed-off-by: Weihang Li <liweihang@huawei.com>
Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-12-30 11:53:51 +01:00
..
bnxt_re RDMA/bnxt_re: Fix entry size during SRQ create 2020-12-30 11:52:57 +01:00
cxgb4 RDMA/cxgb4: Validate the number of CQEs 2020-12-30 11:53:19 +01:00
efa RDMA/efa: Use the correct current and new states in modify QP 2020-12-01 20:53:48 -04:00
hfi1 IB/hfi1: Ensure correct mm is used at all times 2020-11-25 20:30:46 -04:00
hns RDMA/hns: Limit the length of data copied between kernel and userspace 2020-12-30 11:53:51 +01:00
i40iw RDMA/i40iw: Address an mmap handler exploit in i40iw 2020-11-25 10:38:11 -04:00
mlx4 RDMA: Explicitly pass in the dma_device to ib_register_device 2020-10-16 13:53:46 -03:00
mlx5 RDMA/mlx5: Fix corruption of reg_pages in mlx5_ib_rereg_user_mr() 2020-12-30 11:53:01 +01:00
mthca RDMa/mthca: Work around -Wenum-conversion warning 2020-12-30 11:53:08 +01:00
ocrdma RDMA: Explicitly pass in the dma_device to ib_register_device 2020-10-16 13:53:46 -03:00
qedr RDMA/qedr: iWARP invalid(zero) doorbell address fix 2020-12-01 20:52:07 -04:00
qib Merge branch 'mlx5_active_speed' into rdma.git for-next 2020-09-18 10:31:45 -03:00
usnic RDMA: Explicitly pass in the dma_device to ib_register_device 2020-10-16 13:53:46 -03:00
vmw_pvrdma RDMA/pvrdma: Fix missing kfree() in pvrdma_register_device() 2020-11-12 13:05:46 -04:00
Makefile RDMA/iw_cxgb3: Remove the iw_cxgb3 module from kernel 2019-10-04 15:08:59 -03:00