[openib-general] [PATCH repost] libmthca: stricter checks in mthca_create_srq
Michael S. Tsirkin
mst at mellanox.co.il
Mon Jul 31 05:07:12 PDT 2006
Roland, could you comment please?
---
If SRQ max_wr is too high, srq buf size calculation
srq->buf_size = srq->max << srq->wqe_shift
might overflow, resulting in crash on buffer access.
The simplest solution is to limit max_wr since practically hardware
does not support values bigger than 1 << 16.
Signed-off-by: Michael S. Tsirkin <mst at mellanox.co.il>
Index: openib/src/userspace/libmthca/src/verbs.c
===================================================================
--- openib/src/userspace/libmthca/src/verbs.c (revision 8484)
+++ openib/src/userspace/libmthca/src/verbs.c (working copy)
@@ -372,7 +372,7 @@ struct ibv_srq *mthca_create_srq(struct
int ret;
/* Sanity check SRQ size before proceeding */
- if (attr->attr.max_wr > 16 << 20 || attr->attr.max_sge > 64)
+ if (attr->attr.max_wr >= 1 << 16 || attr->attr.max_sge > 64)
return NULL;
srq = malloc(sizeof *srq);
--
MST
More information about the general
mailing list