Re: [PATCH][next] RDMA/bnxt_re: Fix uninitialized struct bit field rsvd1
From: Jason Gunthorpe
Date: Wed Jun 23 2021 - 13:38:25 EST
On Wed, Jun 23, 2021 at 06:12:02PM +0100, Colin King wrote:
> From: Colin Ian King <colin.king@xxxxxxxxxxxxx>
>
> The bit field rsvd1 in resp is not being initialized and garbage data
> is being copied from the stack back to userspace via the ib_copy_to_udata
> call. Fix this by setting rsvd1 to zero. Also remove some whitespace.
>
> Addresses-Coverity: ("Uninitialized scalar variable")
> Fixes: 879740517dab ("RDMA/bnxt_re: Update ABI to pass wqe-mode to user space")
> Signed-off-by: Colin Ian King <colin.king@xxxxxxxxxxxxx>
> drivers/infiniband/hw/bnxt_re/ib_verbs.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/infiniband/hw/bnxt_re/ib_verbs.c b/drivers/infiniband/hw/bnxt_re/ib_verbs.c
> index 5955713234cb..45398f1777aa 100644
> +++ b/drivers/infiniband/hw/bnxt_re/ib_verbs.c
> @@ -3880,7 +3880,8 @@ int bnxt_re_alloc_ucontext(struct ib_ucontext *ctx, struct ib_udata *udata)
> resp.pg_size = PAGE_SIZE;
> resp.cqe_sz = sizeof(struct cq_base);
> resp.max_cqd = dev_attr->max_cq_wqes;
> - resp.rsvd = 0;
> + resp.rsvd = 0;
> + resp.rsvd1 = 0;
I think I would prefer
struct bnxt_re_uctx_resp resp = {};
This isn't a performance path
Jason