From: Shai Brandes <shaib...@amazon.com> The driver accidentally allocates a huge memory buffer for the customer metrics because it uses an uninitialized variable for the buffer length. This can lead to excessive memory footprint for the driver which can even fail to initialize in case of insufficient memory.
Signed-off-by: Shai Brandes <shaib...@amazon.com> Reviewed-by: Amit Bernstein <amitb...@amazon.com> Fixes: f73f53f7dc7a ("net/ena: upgrade HAL") Bugzilla ID: 14001 --- drivers/net/ena/base/ena_com.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/net/ena/base/ena_com.c b/drivers/net/ena/base/ena_com.c index 6953a1fa33..8ae7dcf48e 100644 --- a/drivers/net/ena/base/ena_com.c +++ b/drivers/net/ena/base/ena_com.c @@ -3134,16 +3134,18 @@ int ena_com_allocate_debug_area(struct ena_com_dev *ena_dev, int ena_com_allocate_customer_metrics_buffer(struct ena_com_dev *ena_dev) { struct ena_customer_metrics *customer_metrics = &ena_dev->customer_metrics; + customer_metrics->buffer_len = ENA_CUSTOMER_METRICS_BUFFER_SIZE; + customer_metrics->buffer_virt_addr = NULL; ENA_MEM_ALLOC_COHERENT(ena_dev->dmadev, customer_metrics->buffer_len, customer_metrics->buffer_virt_addr, customer_metrics->buffer_dma_addr, customer_metrics->buffer_dma_handle); - if (unlikely(customer_metrics->buffer_virt_addr == NULL)) + if (unlikely(customer_metrics->buffer_virt_addr == NULL)) { + customer_metrics->buffer_len = 0; return ENA_COM_NO_MEM; - - customer_metrics->buffer_len = ENA_CUSTOMER_METRICS_BUFFER_SIZE; + } return 0; } -- 2.17.1