| Message ID | 20241209-qcom-scm-missing-barriers-and-all-sort-of-srap-v2-5-9061013c8d92@linaro.org (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | firmware: qcom: scm: Fixes for concurrency | expand |
On Mon, 9 Dec 2024 at 15:28, Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> wrote: > > Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer > dereference") makes it explicit that qcom_scm_get_tzmem_pool() can > return NULL, therefore its users should handle this. > > Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> > --- > drivers/firmware/qcom/qcom_scm-smc.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/firmware/qcom/qcom_scm-smc.c b/drivers/firmware/qcom/qcom_scm-smc.c > index 2b4c2826f57251f25a1bc37c3b467dde28e1268b..3f10b23ec941b558e1d91761011776bb5c9d11b5 100644 > --- a/drivers/firmware/qcom/qcom_scm-smc.c > +++ b/drivers/firmware/qcom/qcom_scm-smc.c > @@ -173,6 +173,9 @@ int __scm_smc_call(struct device *dev, const struct qcom_scm_desc *desc, > smc.args[i + SCM_SMC_FIRST_REG_IDX] = desc->args[i]; > > if (unlikely(arglen > SCM_SMC_N_REG_ARGS)) { > + if (!mempool) > + return -EINVAL; > + > args_virt = qcom_tzmem_alloc(mempool, > SCM_SMC_N_EXT_ARGS * sizeof(u64), > flag); > > -- > 2.43.0 > Reviewed-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
diff --git a/drivers/firmware/qcom/qcom_scm-smc.c b/drivers/firmware/qcom/qcom_scm-smc.c index 2b4c2826f57251f25a1bc37c3b467dde28e1268b..3f10b23ec941b558e1d91761011776bb5c9d11b5 100644 --- a/drivers/firmware/qcom/qcom_scm-smc.c +++ b/drivers/firmware/qcom/qcom_scm-smc.c @@ -173,6 +173,9 @@ int __scm_smc_call(struct device *dev, const struct qcom_scm_desc *desc, smc.args[i + SCM_SMC_FIRST_REG_IDX] = desc->args[i]; if (unlikely(arglen > SCM_SMC_N_REG_ARGS)) { + if (!mempool) + return -EINVAL; + args_virt = qcom_tzmem_alloc(mempool, SCM_SMC_N_EXT_ARGS * sizeof(u64), flag);
Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer dereference") makes it explicit that qcom_scm_get_tzmem_pool() can return NULL, therefore its users should handle this. Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> --- drivers/firmware/qcom/qcom_scm-smc.c | 3 +++ 1 file changed, 3 insertions(+)