RDMA/efa: Clear the admin command buffer prior to its submission

We cannot rely on the entry memcpy as we only copy the actual size of the
command, the rest of the bytes must be memset to zero.

Currently providing non-zero memory will not have any user visible impact.
However, since admin commands are extendable (in a backwards compatible
way) everything beyond the size of the command must be cleared to prevent
issues in the future.

Fixes: 0420e542569b ("RDMA/efa: Implement functions that submit and complete admin commands")
Link: https://lore.kernel.org/r/20191112092608.46964-1-galpress@amazon.com
Reviewed-by: Daniel Kranzdorf <dkkranzd@amazon.com>
Reviewed-by: Firas JahJah <firasj@amazon.com>
Signed-off-by: Gal Pressman <galpress@amazon.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>

diff --git a/drivers/infiniband/hw/efa/efa_com.c b/drivers/infiniband/hw/efa/efa_com.c
index 3c412bc..0778f4f 100644 (file)
--- a/drivers/infiniband/hw/efa/efa_com.c
+++ b/drivers/infiniband/hw/efa/efa_com.c
@@ -317,6 +317,7 @@ static struct efa_comp_ctx *__efa_com_submit_admin_cmd(struct efa_com_admin_queu
                                                       struct efa_admin_acq_entry *comp,
                                                       size_t comp_size_in_bytes)
 {
+       struct efa_admin_aq_entry *aqe;
        struct efa_comp_ctx *comp_ctx;
        u16 queue_size_mask;
        u16 cmd_id;
@@ -350,7 +351,9 @@ static struct efa_comp_ctx *__efa_com_submit_admin_cmd(struct efa_com_admin_queu
 
        reinit_completion(&comp_ctx->wait_event);
 
-       memcpy(&aq->sq.entries[pi], cmd, cmd_size_in_bytes);
+       aqe = &aq->sq.entries[pi];
+       memset(aqe, 0, sizeof(*aqe));
+       memcpy(aqe, cmd, cmd_size_in_bytes);
 
        aq->sq.pc++;
        atomic64_inc(&aq->stats.submitted_cmd);