[SRU][N:linux-bluefield][PATCH v1 1/1] vdpa/mlx5: Fix oversized null mkey longer than 32bit

[Stav Aviram]

From: Si-Wei Liu <si-wei.liu at oracle.com>

BugLink: https://bugs.launchpad.net/bugs/2126876

create_user_mr() has correct code to count the number of null keys
used to fill in a hole for the memory map. However, fill_indir()
does not follow the same to cap the range up to the 1GB limit
correspondingly. Fill in more null keys for the gaps in between,
so that null keys are correctly populated.

Fixes: 94abbccdf291 ("vdpa/mlx5: Add shared memory registration code")
Cc: stable at vger.kernel.org
Reported-by: Cong Meng <cong.meng at oracle.com>
Signed-off-by: Si-Wei Liu <si-wei.liu at oracle.com>
Signed-off-by: Dragos Tatulea <dtatulea at nvidia.com>
Acked-by: Eugenio Pérez <eperezma at redhat.com>
Message-Id: <20250220193732.521462-2-dtatulea at nvidia.com>
Signed-off-by: Michael S. Tsirkin <mst at redhat.com>
Acked-by: Jason Wang <jasowang at redhat.com>
(cherry picked from commit a6097e0a54a5c24f8d577ffecbc35289ae281c2e)
Signed-off-by: Stav Aviram <saviram at nvidia.com>
---
 drivers/vdpa/mlx5/core/mr.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/drivers/vdpa/mlx5/core/mr.c b/drivers/vdpa/mlx5/core/mr.c
index 906b39f2c4be..de21082901f1 100644
--- a/drivers/vdpa/mlx5/core/mr.c
+++ b/drivers/vdpa/mlx5/core/mr.c
@@ -166,9 +166,12 @@ static void fill_indir(struct mlx5_vdpa_dev *mvdev, struct mlx5_vdpa_mr *mkey, v
 			klm->bcount = cpu_to_be32(klm_bcount(dmr->end - dmr->start));
 			preve = dmr->end;
 		} else {
+			u64 bcount = min_t(u64, dmr->start - preve, MAX_KLM_SIZE);
+
 			klm->key = cpu_to_be32(mvdev->res.null_mkey);
-			klm->bcount = cpu_to_be32(klm_bcount(dmr->start - preve));
-			preve = dmr->start;
+			klm->bcount = cpu_to_be32(klm_bcount(bcount));
+			preve += bcount;
+
 			goto again;
 		}
 	}
-- 
2.38.1