greybus: enforce max representable message size

We represent the size of a message using a 16-bit field.  It's
possible for a host driver to advertise a maximum message size
that's bigger than that.  If that happens, reduce the host device's
maximum buffer size to the maximum we can represent the first time
a message is allocated.

This information is actually only used by the Greybus code, but
because we're modifying a value that's "owned" by the host driver,
issue a warning when this limit is being imposed

Ensure (at build time) that our own definition is sane as well.

Signed-off-by: Alex Elder <elder@linaro.org>
Signed-off-by: Greg Kroah-Hartman <greg@kroah.com>

drivers/staging/greybus/operation.c

@@ -299,6 +299,12 @@ gb_operation_message_alloc(struct greybus_host_device *hd, u8 type,
 	size_t size;
 	u8 *buffer;
 
+	if (hd->buffer_size_max > GB_OPERATION_MESSAGE_SIZE_MAX) {
+		pr_warn("limiting buffer size to %u\n",
+			GB_OPERATION_MESSAGE_SIZE_MAX);
+		hd->buffer_size_max = GB_OPERATION_MESSAGE_SIZE_MAX;
+	}
+
 	if (message_size > hd->buffer_size_max)
 		return NULL;
 
@@ -750,6 +756,9 @@ int gb_operation_sync(struct gb_connection *connection, int type,
 
 int gb_operation_init(void)
 {
+	BUILD_BUG_ON(GB_OPERATION_MESSAGE_SIZE_MAX >
+			U16_MAX - sizeof(struct gb_operation_msg_hdr));
+
 	gb_operation_cache = kmem_cache_create("gb_operation_cache",
 				sizeof(struct gb_operation), 0, 0, NULL);
 	if (!gb_operation_cache)