RDMA/mana_ib: Use safer allocation function()

My static checker says this multiplication can overflow. I'm not an expert in this code but the call tree would be: ib_uverbs_handler_UVERBS_METHOD_QP_CREATE() <- reads cap from the user -> ib_create_qp_user() -> create_qp() -> mana_ib_create_qp() -> mana_ib_create_ud_qp() -> create_shadow_queue() It can't hurt to use safer interfaces. Fixes: c8017f5b4856 ("RDMA/mana_ib: UD/GSI work requests") Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org> Link: https://patch.msgid.link/58439ac0-1ee5-4f96-a595-7ab83b59139b@stanley.mountain Reviewed-by: Long Li <longli@microsoft.com> Signed-off-by: Leon Romanovsky <leon@kernel.org>
author: Dan Carpenter <dan.carpenter@linaro.org> 2025-03-06 22:49:06 +0300
committer: Leon Romanovsky <leon@kernel.org> 2025-03-08 13:34:17 -0500
commit: 1d5c69514e742846ad3b8727b51b1fd46ea251fd (patch)
tree: 6d6221655c782469e0d01c75c627f1e61034e989
parent: 98cf1d1a178e0410e143039d1deaff31eec6fd2b (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/infiniband/hw/mana/shadow_queue.h b/drivers/infiniband/hw/mana/shadow_queue.h
index d8bfb4c712d5..a4b3818f9c39 100644
--- a/drivers/infiniband/hw/mana/shadow_queue.h
+++ b/drivers/infiniband/hw/mana/shadow_queue.h
@@ -40,7 +40,7 @@ struct shadow_queue {
 
 static inline int create_shadow_queue(struct shadow_queue *queue, uint32_t length, uint32_t stride)
 {
-	queue->buffer = kvmalloc(length * stride, GFP_KERNEL);
+	queue->buffer = kvmalloc_array(length, stride, GFP_KERNEL);
 	if (!queue->buffer)
 		return -ENOMEM;
author	Dan Carpenter <dan.carpenter@linaro.org>	2025-03-06 22:49:06 +0300
committer	Leon Romanovsky <leon@kernel.org>	2025-03-08 13:34:17 -0500
commit	1d5c69514e742846ad3b8727b51b1fd46ea251fd (patch)
tree	6d6221655c782469e0d01c75c627f1e61034e989
parent	98cf1d1a178e0410e143039d1deaff31eec6fd2b (diff)