On Thu, Mar 12, 2026 at 04:25:37AM -0700, Erni Sri Satya Vennela wrote: > As part of MANA hardening for CVM, clamp hardware-reported adapter > capability values from the MANA_IB_GET_ADAPTER_CAP response before > they are used by the IB subsystem. > > The response fields (max_qp_count, max_cq_count, max_mr_count, > max_pd_count, max_inbound_read_limit, max_outbound_read_limit, > max_qp_wr, max_send_sge_count, max_recv_sge_count) are u32 but are > assigned to signed int members in struct ib_device_attr. If hardware > returns a value exceeding INT_MAX, the implicit u32-to-int conversion > produces a negative value, which can cause incorrect behavior in the > IB core and userspace applications. > > Clamp these fields to INT_MAX in mana_ib_gd_query_adapter_caps() so > all downstream consumers receive safe values. > > Additionally, fix an integer overflow in mana_ib_query_device() where > max_res_rd_atom is computed as max_qp_rd_atom * max_qp. Both operands > are int and the multiplication can overflow. Widen to s64 before > multiplying and clamp the result to INT_MAX. > > Signed-off-by: Erni Sri Satya Vennela <[email protected]>
I will be sending v2 for this patch since it requires change in the title. Thanks, Vennela
