From: Dan Carpenter <dan.carpenter@linaro.org>
Date: Tue, 31 Oct 2023 08:58:32 +0000 (+0300)
Subject: crypto: qat - prevent underflow in rp2srv_store()
X-Git-Tag: v6.7.2~597
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c71d330e1d6096f99c2db7364d710892c2337e08;p=thirdparty%2Fkernel%2Fstable.git

crypto: qat - prevent underflow in rp2srv_store()

[ Upstream commit e53c741303a59ee1682e11f61b7772863e02526d ]

The "ring" variable has an upper bounds check but nothing checks for
negatives.  This code uses kstrtouint() already and it was obviously
intended to be declared as unsigned int.  Make it so.

Fixes: dbc8876dd873 ("crypto: qat - add rp2svc sysfs attribute")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---

diff --git a/drivers/crypto/intel/qat/qat_common/adf_sysfs.c b/drivers/crypto/intel/qat/qat_common/adf_sysfs.c
index ddffc98119c6b..6f0b3629da13d 100644
--- a/drivers/crypto/intel/qat/qat_common/adf_sysfs.c
+++ b/drivers/crypto/intel/qat/qat_common/adf_sysfs.c
@@ -242,7 +242,8 @@ static ssize_t rp2srv_store(struct device *dev, struct device_attribute *attr,
 			    const char *buf, size_t count)
 {
 	struct adf_accel_dev *accel_dev;
-	int ring, num_rings, ret;
+	int num_rings, ret;
+	unsigned int ring;
 
 	accel_dev = adf_devmgr_pci_to_accel_dev(to_pci_dev(dev));
 	if (!accel_dev)