[PATCH] IB/mthca: Fix FMR breakage caused by kmemdup() conversion

Commit bed8bdfd ("IB: kmemdup() cleanup") introduced one bad conversion to
kmemdup() in mthca_alloc_fmr(), where the structure allocated and the
structure copied are not the same size.  Revert this back to the original
kmalloc()/memcpy() code.

Reported-by: Dotan Barak <dotanb@mellanox.co.il>.
Signed-off-by: Michael S. Tsirkin <mst@mellanox.co.il>
Signed-off-by: Roland Dreier <roland@digitalvampire.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/drivers/infiniband/hw/mthca/mthca_provider.c b/drivers/infiniband/hw/mthca/mthca_provider.c
index 7ec7c4b937f9d82419f2ffab20e9d400590ad9e0..7b96751695eac20deb60c8c60e13eb2032a0763f 100644 (file)
--- a/drivers/infiniband/hw/mthca/mthca_provider.c
+++ b/drivers/infiniband/hw/mthca/mthca_provider.c
@@ -1100,10 +1100,11 @@ static struct ib_fmr *mthca_alloc_fmr(struct ib_pd *pd, int mr_access_flags,
        struct mthca_fmr *fmr;
        int err;
 
-       fmr = kmemdup(fmr_attr, sizeof *fmr, GFP_KERNEL);
+       fmr = kmalloc(sizeof *fmr, GFP_KERNEL);
        if (!fmr)
                return ERR_PTR(-ENOMEM);
 
+       memcpy(&fmr->attr, fmr_attr, sizeof *fmr_attr);
        err = mthca_fmr_alloc(to_mdev(pd->device), to_mpd(pd)->pd_num,
                             convert_access(mr_access_flags), fmr);