soc: qcom: qmi_interface: Limit txn ids to U16_MAX

Txn IDs created up to INT_MAX cause overflow while storing
the IDs in u16 type supported by QMI header.

Limit the txn IDs max value to U16_MAX to avoid overflow.

Signed-off-by: Arun Kumar Neelakantam <aneela@codeaurora.org>
Reviewed-by: Bjorn Andersson <bjorn.andersson@linaro.org>
Signed-off-by: Andy Gross <andy.gross@linaro.org>

diff --git a/drivers/soc/qcom/qmi_interface.c b/drivers/soc/qcom/qmi_interface.c
index 938ca41..c239a28 100644 (file)
--- a/drivers/soc/qcom/qmi_interface.c
+++ b/drivers/soc/qcom/qmi_interface.c
@@ -318,7 +318,7 @@ int qmi_txn_init(struct qmi_handle *qmi, struct qmi_txn *txn,
        txn->dest = c_struct;
 
        mutex_lock(&qmi->txn_lock);
-       ret = idr_alloc_cyclic(&qmi->txns, txn, 0, INT_MAX, GFP_KERNEL);
+       ret = idr_alloc_cyclic(&qmi->txns, txn, 0, U16_MAX, GFP_KERNEL);
        if (ret < 0)
                pr_err("failed to allocate transaction id\n");
 

diff --git a/include/linux/soc/qcom/qmi.h b/include/linux/soc/qcom/qmi.h
index f4de336..5efa2b6 100644 (file)
--- a/include/linux/soc/qcom/qmi.h
+++ b/include/linux/soc/qcom/qmi.h
@@ -166,7 +166,7 @@ struct qmi_ops {
 struct qmi_txn {
        struct qmi_handle *qmi;
 
-       int id;
+       u16 id;
 
        struct mutex lock;
        struct completion completion;