greybus: enforce max representable message size
We represent the size of a message using a 16-bit field. It's possible for a host driver to advertise a maximum message size that's bigger than that. If that happens, reduce the host device's maximum buffer size to the maximum we can represent the first time a message is allocated. This information is actually only used by the Greybus code, but because we're modifying a value that's "owned" by the host driver, issue a warning when this limit is being imposed Ensure (at build time) that our own definition is sane as well. Signed-off-by: Alex Elder <elder@linaro.org> Signed-off-by: Greg Kroah-Hartman <greg@kroah.com>hifive-unleashed-5.1
parent
94b15d7613
commit
ab3cf8dc7d
|
@ -299,6 +299,12 @@ gb_operation_message_alloc(struct greybus_host_device *hd, u8 type,
|
|||
size_t size;
|
||||
u8 *buffer;
|
||||
|
||||
if (hd->buffer_size_max > GB_OPERATION_MESSAGE_SIZE_MAX) {
|
||||
pr_warn("limiting buffer size to %u\n",
|
||||
GB_OPERATION_MESSAGE_SIZE_MAX);
|
||||
hd->buffer_size_max = GB_OPERATION_MESSAGE_SIZE_MAX;
|
||||
}
|
||||
|
||||
if (message_size > hd->buffer_size_max)
|
||||
return NULL;
|
||||
|
||||
|
@ -750,6 +756,9 @@ int gb_operation_sync(struct gb_connection *connection, int type,
|
|||
|
||||
int gb_operation_init(void)
|
||||
{
|
||||
BUILD_BUG_ON(GB_OPERATION_MESSAGE_SIZE_MAX >
|
||||
U16_MAX - sizeof(struct gb_operation_msg_hdr));
|
||||
|
||||
gb_operation_cache = kmem_cache_create("gb_operation_cache",
|
||||
sizeof(struct gb_operation), 0, 0, NULL);
|
||||
if (!gb_operation_cache)
|
||||
|
|
Loading…
Reference in New Issue