providers/efa: Fix the size check in efadv_create_cq
[ Upstream commit 696ed925ac4d48adf0cc97f7dd781dec6d762b8a ]
efadv_create_cq incorrectly uses sizeof(efa_attr) instead
of sizeof(*efa_attr) to calculate the size of the efa_attr struct.
As a result, the current inlen > sizeof(efa_attr) check will always be
true, as the latter will always be 8 bytes.
This bug breaks backward compatibility when a library is built
with an older rdma-core that has a smaller efa_attr struct but is
run with a newer rdma-core that has a larger efa_attr. The
`is_ext_clear` check called later is there to make sure that, when an
application inputs an inlen larger than the size of efa_attr,
the extra space is all zeroed, and it will fail when the inlen
is smaller than the actual size of efa_attr.
However, when inlen is <= the size of the efa_attr struct,
such an is_ext_clear check shouldn't happen.
Fixes: a00b600 ("efa: Introduce EFA DV CQ")
Signed-off-by: Shi Jin <sjina@amazon.com>
Signed-off-by: Nicolas Morey <nmorey@suse.com>
diff --git a/providers/efa/verbs.c b/providers/efa/verbs.c
index 8277947..5ad4e53 100644
--- a/providers/efa/verbs.c
+++ b/providers/efa/verbs.c
@@ -890,7 +890,7 @@
if (!vext_field_avail(struct efadv_cq_init_attr, wc_flags, inlen) ||
efa_attr->comp_mask ||
- (inlen > sizeof(efa_attr) && !is_ext_cleared(efa_attr, inlen))) {
+ (inlen > sizeof(*efa_attr) && !is_ext_cleared(efa_attr, inlen))) {
verbs_err(verbs_get_ctx(ibvctx), "Compatibility issues\n");
errno = EINVAL;
return NULL;
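Review bot: On the changed line, `sizeof(*efa_attr)` still depends on remembering the dereference, which is the thing that was missed before. The `vext_field_avail` line directly above already names the type, so writing `inlen > sizeof(struct efadv_cq_init_attr)` (assuming efa_attr is a pointer to that struct, as the `vext_field_avail` call suggests) would keep the two size checks visibly consistent and remove the chance of dropping the `*` again. Separately, the single "Compatibility issues" message on the `verbs_err` line covers three different rejections (wc_flags not available within inlen, non-zero comp_mask, extension bytes not cleared); logging inlen next to the expected struct size would make a size mismatch between the caller's and the library's rdma-core easier to recognise.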