summaryrefslogtreecommitdiffstats
path: root/drivers/infiniband/hw/qib/qib_ruc.c
diff options
context:
space:
mode:
authorKamenee Arumugam <kamenee.arumugam@intel.com>2017-08-22 03:26:32 +0200
committerDoug Ledford <dledford@redhat.com>2017-08-29 01:12:17 +0200
commit27147273a68ecf5738ef87ccc6cd4bb8883fca84 (patch)
treeaa1fd93479e8eb65efc093fac7a83f9af0e27b33 /drivers/infiniband/hw/qib/qib_ruc.c
parentIB/qib: Remove unnecessary memory allocation for boardname (diff)
downloadlinux-27147273a68ecf5738ef87ccc6cd4bb8883fca84.tar.xz
linux-27147273a68ecf5738ef87ccc6cd4bb8883fca84.zip
IB/qib: Stricter bounds checking for copy and array access
Added checking on index value of array 'guids' in qib_ruc.c. Pass in corrrect size of array for memset operation in qib_mad.c. Reviewed-by: Michael J. Ruhl <michael.j.ruhl@intel.com> Signed-off-by: Kamenee Arumugam <kamenee.arumugam@intel.com> Signed-off-by: Dennis Dalessandro <dennis.dalessandro@intel.com> Signed-off-by: Doug Ledford <dledford@redhat.com>
Diffstat (limited to 'drivers/infiniband/hw/qib/qib_ruc.c')
-rw-r--r--drivers/infiniband/hw/qib/qib_ruc.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/drivers/infiniband/hw/qib/qib_ruc.c b/drivers/infiniband/hw/qib/qib_ruc.c
index e6a42a8972f5..53efbb0b40c4 100644
--- a/drivers/infiniband/hw/qib/qib_ruc.c
+++ b/drivers/infiniband/hw/qib/qib_ruc.c
@@ -645,8 +645,10 @@ u32 qib_make_grh(struct qib_ibport *ibp, struct ib_grh *hdr,
hdr->hop_limit = grh->hop_limit;
/* The SGID is 32-bit aligned. */
hdr->sgid.global.subnet_prefix = ibp->rvp.gid_prefix;
- hdr->sgid.global.interface_id = grh->sgid_index ?
- ibp->guids[grh->sgid_index - 1] : ppd_from_ibp(ibp)->guid;
+ if (!grh->sgid_index)
+ hdr->sgid.global.interface_id = ppd_from_ibp(ibp)->guid;
+ else if (grh->sgid_index < QIB_GUIDS_PER_PORT)
+ hdr->sgid.global.interface_id = ibp->guids[grh->sgid_index - 1];
hdr->dgid = grh->dgid;
/* GRH header size in 32-bit words. */
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-28 04:55:03 +0100