Revert "RDMA/mlx5: Fix integer overflow while resizing CQ"

The original commit of this patch has a munged log message that is missing several of the tags the original author intended to be on the patch. This was due to patchworks misinterpreting a cut-n-paste separator line as an end of message line and munging the mbox that was used to import the patch: https://patchwork.kernel.org/patch/10264089/ The original patch will be reapplied with a fixed commit message so the proper tags are applied. This reverts commit aa0de36a. Signed-off-by: Doug Ledford <dledford@redhat.com>

Revert "RDMA/mlx5: Fix integer overflow while resizing CQ"
The original commit of this patch has a munged log message that is missing several of the tags the original author intended to be on the patch. This was due to patchworks misinterpreting a cut-n-paste separator line as an end of message line and munging the mbox that was used to import the patch: https://patchwork.kernel.org/patch/10264089/ The original patch will be reapplied with a fixed commit message so the proper tags are applied. This reverts commit aa0de36a. Signed-off-by: Doug Ledford <dledford@redhat.com>
212a0cbc · Doug Ledford · a5880b84 · 212a0cbc
Commit 212a0cbc authored Mar 09, 2018 by Doug Ledford
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 6 deletions

drivers/infiniband/hw/mlx5/cq.c drivers/infiniband/hw/mlx5/cq.c +1 -6

No files found.
--- a/drivers/infiniband/hw/mlx5/cq.c
+++ b/drivers/infiniband/hw/mlx5/cq.c
@@ -1178,12 +1178,7 @@ static int resize_user(struct mlx5_ib_dev *dev, struct mlx5_ib_cq *cq,
 	if (ucmd.reserved0 || ucmd.reserved1)
 		return -EINVAL;

-	/* check multiplication overflow */
-	if (ucmd.cqe_size && SIZE_MAX / ucmd.cqe_size <= entries - 1)
-		return -EINVAL;
-
-	umem = ib_umem_get(context, ucmd.buf_addr,
-			   (size_t)ucmd.cqe_size * entries,
+	umem = ib_umem_get(context, ucmd.buf_addr, entries * ucmd.cqe_size,
 			   IB_ACCESS_LOCAL_WRITE, 1);
 	if (IS_ERR(umem)) {
 		err = PTR_ERR(umem);