2021-11-24 14:59:31

by Dan Carpenter

Subject: [PATCH] tee: amdtee: fix an IS_ERR() vs NULL bug

The __get_free_pages() function does not return error pointers; it returns
NULL, so fix this condition to avoid a NULL dereference.

Fixes: 757cc3e9ff1d ("tee: add AMD-TEE driver")
Signed-off-by: Dan Carpenter <[email protected]>
---
drivers/tee/amdtee/core.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/tee/amdtee/core.c b/drivers/tee/amdtee/core.c
index da6b88e80dc0..297dc62bca29 100644
--- a/drivers/tee/amdtee/core.c
+++ b/drivers/tee/amdtee/core.c
@@ -203,9 +203,8 @@ static int copy_ta_binary(struct tee_context *ctx, void *ptr, void **ta,

*ta_size = roundup(fw->size, PAGE_SIZE);
*ta = (void *)__get_free_pages(GFP_KERNEL, get_order(*ta_size));
- if (IS_ERR(*ta)) {
- pr_err("%s: get_free_pages failed 0x%llx\n", __func__,
- (u64)*ta);
+ if (!*ta) {
+ pr_err("%s: get_free_pages failed\n", __func__);
rc = -ENOMEM;
goto rel_fw;
}
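
Review bot: On the `-ENOMEM` path, `*ta_size` has already been set to the rounded-up firmware size while `*ta` is NULL, so the two out-parameters disagree on failure; the visible lines do not show whether callers ignore both when `rc` is non-zero. Computing the size into a local and assigning `*ta` and `*ta_size` only after the allocation succeeds would make that state impossible. Separately, the `pr_err()` kept in the `+` line is redundant: a failed `GFP_KERNEL` page allocation without `__GFP_NOWARN` already produces an allocator warning, so the message and the braces could be dropped.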
--
2.20.1



2021-11-29 08:26:04

by Rijo Thomas

Subject: RE: [PATCH] tee: amdtee: fix an IS_ERR() vs NULL bug

[Public]

Acked-by: Rijo Thomas <[email protected]>

-----Original Message-----
From: Dan Carpenter <[email protected]>
Sent: Wednesday, November 24, 2021 8:24 PM
To: Jens Wiklander <[email protected]>; Thomas, Rijo-john <[email protected]>
Cc: Sumit Garg <[email protected]>; Rangasamy, Devaraj <[email protected]>; Herbert Xu <[email protected]>; Gary R Hook <[email protected]>; [email protected]; [email protected]; [email protected]
Subject: [PATCH] tee: amdtee: fix an IS_ERR() vs NULL bug

The __get_free_pages() function does not return error pointers; it returns
NULL, so fix this condition to avoid a NULL dereference.

Fixes: 757cc3e9ff1d ("tee: add AMD-TEE driver")
Signed-off-by: Dan Carpenter <[email protected]>
---
drivers/tee/amdtee/core.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/drivers/tee/amdtee/core.c b/drivers/tee/amdtee/core.c
index da6b88e80dc0..297dc62bca29 100644
--- a/drivers/tee/amdtee/core.c
+++ b/drivers/tee/amdtee/core.c
@@ -203,9 +203,8 @@ static int copy_ta_binary(struct tee_context *ctx, void *ptr, void **ta,

*ta_size = roundup(fw->size, PAGE_SIZE);
*ta = (void *)__get_free_pages(GFP_KERNEL, get_order(*ta_size));
- if (IS_ERR(*ta)) {
- pr_err("%s: get_free_pages failed 0x%llx\n", __func__,
- (u64)*ta);
+ if (!*ta) {
+ pr_err("%s: get_free_pages failed\n", __func__);
rc = -ENOMEM;
goto rel_fw;
}
--
2.20.1

2021-11-29 08:59:48

by Dan Carpenter

Subject: Re: [PATCH] tee: amdtee: fix an IS_ERR() vs NULL bug

On Mon, Nov 29, 2021 at 04:31:51PM +0800, 994605959 wrote:
> maybe try this?
> -??if (IS_ERR(*ta)) {
> -????pr_err("%s: get_free_pages failed 0x%llx\n", __func__,
> -???????????(u64)*ta);
> +??if (IS_ERR(ta)) {
> +????pr_err("%s: get_free_pages failed %p\n", __func__, ta);
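
Review bot: `IS_ERR(ta)` in the suggested `+` line tests the caller's out-parameter `ta` (a `void **` that is always a valid address here), not the allocation result stored in `*ta`, so the branch can never be taken. Even applied to `*ta`, `IS_ERR()` only matches values in the error-pointer range, and `__get_free_pages()` reports failure as 0, which is outside that range; the check needs to be `if (!*ta)`.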


No, what you are suggesting is totally wrong. You are checking the
wrong variable for the wrong thing.

regards,
dan carpenter


2021-11-30 07:00:25

by Jens Wiklander

Subject: Re: [PATCH] tee: amdtee: fix an IS_ERR() vs NULL bug

On Mon, Nov 29, 2021 at 9:24 AM Thomas, Rijo-john
<[email protected]> wrote:
>
> [Public]
>
> Acked-by: Rijo Thomas <[email protected]>
>
> -----Original Message-----
> From: Dan Carpenter <[email protected]>
> Sent: Wednesday, November 24, 2021 8:24 PM
> To: Jens Wiklander <[email protected]>; Thomas, Rijo-john <[email protected]>
> Cc: Sumit Garg <[email protected]>; Rangasamy, Devaraj <[email protected]>; Herbert Xu <[email protected]>; Gary R Hook <[email protected]>; [email protected]; [email protected]; [email protected]
> Subject: [PATCH] tee: amdtee: fix an IS_ERR() vs NULL bug
>
> The __get_free_pages() function does not return error pointers; it returns
> NULL, so fix this condition to avoid a NULL dereference.
>
> Fixes: 757cc3e9ff1d ("tee: add AMD-TEE driver")
> Signed-off-by: Dan Carpenter <[email protected]>
> ---
> drivers/tee/amdtee/core.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/tee/amdtee/core.c b/drivers/tee/amdtee/core.c
> index da6b88e80dc0..297dc62bca29 100644
> --- a/drivers/tee/amdtee/core.c
> +++ b/drivers/tee/amdtee/core.c
> @@ -203,9 +203,8 @@ static int copy_ta_binary(struct tee_context *ctx, void *ptr, void **ta,
>
> *ta_size = roundup(fw->size, PAGE_SIZE);
> *ta = (void *)__get_free_pages(GFP_KERNEL, get_order(*ta_size));
> - if (IS_ERR(*ta)) {
> - pr_err("%s: get_free_pages failed 0x%llx\n", __func__,
> - (u64)*ta);
> + if (!*ta) {
> + pr_err("%s: get_free_pages failed\n", __func__);
> rc = -ENOMEM;
> goto rel_fw;
> }

Looks good, I'm picking up this.

Thanks,
Jens
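
The three checks discussed in this thread, compared in a user-space model (an added example, not code from the patch or the amdtee driver). `is_err()` mirrors the kernel's `IS_ERR()` range test; `fake_get_free_pages()`, `copy_ta_model()`, `ENOMEM_MODEL` and the enum names are hypothetical stand-ins introduced for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* User-space model of the kernel's error-pointer convention (include/linux/err.h). */
#define MAX_ERRNO 4095
#define ENOMEM_MODEL 12 /* numeric value of ENOMEM on Linux */

/* Mirrors IS_ERR(): true only for the top MAX_ERRNO addresses, (void *)-4095..-1. */
static bool is_err(const void *p)
{
	return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO;
}

/* Hypothetical stand-in for __get_free_pages(): 0 on failure, never an error pointer. */
static unsigned long fake_get_free_pages(bool fail)
{
	static char page[4096];
	return fail ? 0UL : (unsigned long)page;
}

enum check { OLD_IS_ERR_DEREF, SUGGESTED_IS_ERR_OUTPARAM, PATCH_NULL_CHECK };

/* Returns -ENOMEM if the chosen check catches the failure, 0 if execution would continue. */
static int copy_ta_model(enum check c, bool fail, void **ta)
{
	bool caught = false;

	*ta = (void *)fake_get_free_pages(fail);
	switch (c) {
	case OLD_IS_ERR_DEREF:          caught = is_err(*ta);   break; /* IS_ERR(*ta) */
	case SUGGESTED_IS_ERR_OUTPARAM: caught = is_err(ta);    break; /* IS_ERR(ta)  */
	case PATCH_NULL_CHECK:          caught = (*ta == NULL); break; /* !*ta        */
	}
	return caught ? -ENOMEM_MODEL : 0;
}

int main(void)
{
	static const char *names[] = { "IS_ERR(*ta)", "IS_ERR(ta)", "!*ta" };
	void *ta;

	for (int c = OLD_IS_ERR_DEREF; c <= PATCH_NULL_CHECK; c++) {
		int rc = copy_ta_model((enum check)c, true, &ta);
		printf("%-12s on failed allocation -> rc=%d, *ta=%p\n", names[c], rc, ta);
	}
	return 0;
}
```

Only the `!*ta` form returns the error on a failed allocation; with either `IS_ERR()` variant the function continues with `*ta == NULL`.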