aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRalph Campbell <ralph.campbell@qlogic.com>2010-06-17 23:13:59 +0000
committerRoland Dreier <rolandd@cisco.com>2010-07-06 14:13:21 -0700
commit5df4223a444057e433e9e4f2e101ee7159f8c19d (patch)
tree79022d504cfb79c471a2b25d2b6396a516bd88c3
parentb9e03e0489a8616fc415e62128d05ad0159a20a2 (diff)
downloadkernel_samsung_crespo-5df4223a444057e433e9e4f2e101ee7159f8c19d.zip
kernel_samsung_crespo-5df4223a444057e433e9e4f2e101ee7159f8c19d.tar.gz
kernel_samsung_crespo-5df4223a444057e433e9e4f2e101ee7159f8c19d.tar.bz2
IB/qib: Clear eager buffer memory for each new process
The eager buffers are not being cleared before being mmapped into a new user address space. This is a potential security risk and should be fixed. Note that the eager header queue is already being cleared. Signed-off-by: Ralph Campbell <ralph.campbell@qlogic.com> Signed-off-by: Roland Dreier <rolandd@cisco.com>
-rw-r--r--drivers/infiniband/hw/qib/qib_init.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/infiniband/hw/qib/qib_init.c b/drivers/infiniband/hw/qib/qib_init.c
index 2589599..1d4db4b 100644
--- a/drivers/infiniband/hw/qib/qib_init.c
+++ b/drivers/infiniband/hw/qib/qib_init.c
@@ -1472,6 +1472,9 @@ int qib_setup_eagerbufs(struct qib_ctxtdata *rcd)
dma_addr_t pa = rcd->rcvegrbuf_phys[chunk];
unsigned i;
+ /* clear for security and sanity on each use */
+ memset(rcd->rcvegrbuf[chunk], 0, size);
+
for (i = 0; e < egrcnt && i < egrperchunk; e++, i++) {
dd->f_put_tid(dd, e + egroff +
(u64 __iomem *)