[PATCH 1/5] habanalabs: check pad and reserved fields in ioctls

From: Oded Gabbay
Date: Sun Jan 15 2023 - 04:40:49 EST

Next message: Oded Gabbay: "[PATCH 4/5] habanalabs/gaudi2: read mmio razwi information"
Previous message: Oded Gabbay: "[PATCH 2/5] habanalabs: bugs fixes in timestamps buff alloc"
Next in thread: Oded Gabbay: "[PATCH 3/5] habanalabs: fix bug in timestamps registration code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: farah kassabri <fkassabri@xxxxxxxxx>

Make sure all reserved/pad fields in uapi input structures
are set to 0.

Signed-off-by: farah kassabri <fkassabri@xxxxxxxxx>
Reviewed-by: Oded Gabbay <ogabbay@xxxxxxxxxx>
Signed-off-by: Oded Gabbay <ogabbay@xxxxxxxxxx>
---
.../accel/habanalabs/common/command_submission.c | 15 ++++++++++++++-
.../accel/habanalabs/common/habanalabs_ioctl.c | 6 +++++-
2 files changed, 19 insertions(+), 2 deletions(-)

diff --git a/drivers/accel/habanalabs/common/command_submission.c b/drivers/accel/habanalabs/common/command_submission.c
index bb9584d72c32..c54f504383ac 100644
--- a/drivers/accel/habanalabs/common/command_submission.c
+++ b/drivers/accel/habanalabs/common/command_submission.c
@@ -1310,6 +1310,13 @@ static int hl_cs_sanity_checks(struct hl_fpriv *hpriv, union hl_cs_args *args)
enum hl_device_status status;
enum hl_cs_type cs_type;
bool is_sync_stream;
+ int i;
+
+ for (i = 0 ; i < sizeof(args->in.pad) ; i++)
+ if (args->in.pad[i]) {
+ dev_dbg(hdev->dev, "Padding bytes must be 0\n");
+ return -EINVAL;
+ }

if (!hl_device_operational(hdev, &status)) {
return -EBUSY;
@@ -2918,7 +2925,13 @@ static int hl_multi_cs_wait_ioctl(struct hl_fpriv *hpriv, void *data)
u32 size_to_copy;
u64 *cs_seq_arr;
u8 seq_arr_len;
- int rc;
+ int rc, i;
+
+ for (i = 0 ; i < sizeof(args->in.pad) ; i++)
+ if (args->in.pad[i]) {
+ dev_dbg(hdev->dev, "Padding bytes must be 0\n");
+ return -EINVAL;
+ }

if (!hdev->supports_wait_for_multi_cs) {
dev_err(hdev->dev, "Wait for multi CS is not supported\n");
diff --git a/drivers/accel/habanalabs/common/habanalabs_ioctl.c b/drivers/accel/habanalabs/common/habanalabs_ioctl.c
index 72493bf94ba3..5005e6fca691 100644
--- a/drivers/accel/habanalabs/common/habanalabs_ioctl.c
+++ b/drivers/accel/habanalabs/common/habanalabs_ioctl.c
@@ -884,9 +884,13 @@ static int _hl_info_ioctl(struct hl_fpriv *hpriv, void *data,
enum hl_device_status status;
struct hl_info_args *args = data;
struct hl_device *hdev = hpriv->hdev;
-
int rc;

+ if (args->pad) {
+ dev_dbg(hdev->dev, "Padding bytes must be 0\n");
+ return -EINVAL;
+ }
+
/*
* Information is returned for the following opcodes even if the device
* is disabled or in reset.
--
2.25.1

Next message: Oded Gabbay: "[PATCH 4/5] habanalabs/gaudi2: read mmio razwi information"
Previous message: Oded Gabbay: "[PATCH 2/5] habanalabs: bugs fixes in timestamps buff alloc"
Next in thread: Oded Gabbay: "[PATCH 3/5] habanalabs: fix bug in timestamps registration code"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]