Re: [PATCH 6/6] crypto: eip93: handle request ID exhaustion

Next message: Jihong Min: "Re: [PATCH 1/6] crypto: eip93: return IRQ request errors from probe"
Previous message: Guenter Roeck: "Re: [RFC PATCH v1 3/4] iio: flow: add Sensirion SLF3x liquid flow sensor driver"
In reply to: Jihong Min: "[PATCH 6/6] crypto: eip93: handle request ID exhaustion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jihong Min

Date: Sun May 24 2026 - 17:47:36 EST

Hi Aleksander,

On 5/25/26 06:30, Aleksander Jan Bajkowski wrote:
> Hi Jihong,
>
> On 24/05/2026 21:45, Jihong Min wrote:
>> diff --git a/drivers/crypto/inside-secure/eip93/eip93-main.h b/drivers/crypto/inside-secure/eip93/eip93-main.h
>> index 990c2401b7ce..5237b75bba62 100644
>> --- a/drivers/crypto/inside-secure/eip93/eip93-main.h
>> +++ b/drivers/crypto/inside-secure/eip93/eip93-main.h
>> @@ -13,11 +13,13 @@
>> #include <crypto/internal/skcipher.h>
>> #include <linux/bitfield.h>
>> #include <linux/interrupt.h>
>> +#include <linux/limits.h>
>>
>> #define EIP93_RING_BUSY_DELAY 500
>>
>> #define EIP93_RING_NUM 512
>> #define EIP93_RING_BUSY 32
>> +#define EIP93_REQUEST_IDR_LIMIT (U16_MAX + 1)
>
> This looks suspicious. You are now overflowing the 16-bit field
> EIP93_PE_USER_ID_CRYPTO_IDR. Did you mean (U16_MAX - 1)? Best regards,
> Aleksander
>
U16_MAX + 1 is intentional here because it is passed to idr_alloc() as
the exclusive end value, not stored in EIP93_PE_USER_ID_CRYPTO_IDR.

So this allocates IDs 0..U16_MAX inclusive, and the value 0x10000 is
never written to the 16-bit descriptor field.

That said, the name is confusing. I will rename it to something like
EIP93_REQUEST_IDR_END and add a short comment if you prefer.

Sincerely,
Jihong Min