From: Arvind Sankar <nivedita@alum.mit.edu>
To: Ard Biesheuvel <ardb@kernel.org>, linux-efi@vger.kernel.org
Subject: [PATCH 2/2] efi/gop: Fix memory leak in __gop_query32/64
Date: Tue, 3 Dec 2019 16:47:28 -0500 [thread overview]
Message-ID: <20191203214728.19264-2-nivedita@alum.mit.edu> (raw)
In-Reply-To: <20191203214728.19264-1-nivedita@alum.mit.edu>
gop->query_mode returns info in callee-allocated memory which must be
freed by the caller.
We don't actually need to call it in order to obtain the info for the
current graphics mode, which is already there in gop->mode->info, so
just access it directly.
Also nothing uses the size of the info structure, so remove the
argument.
Signed-off-by: Arvind Sankar <nivedita@alum.mit.edu>
---
drivers/firmware/efi/libstub/gop.c | 48 ++++++++----------------------
1 file changed, 12 insertions(+), 36 deletions(-)
diff --git a/drivers/firmware/efi/libstub/gop.c b/drivers/firmware/efi/libstub/gop.c
index 235a98797105..c8a39cd89b47 100644
--- a/drivers/firmware/efi/libstub/gop.c
+++ b/drivers/firmware/efi/libstub/gop.c
@@ -83,28 +83,17 @@ setup_pixel_info(struct screen_info *si, u32 pixels_per_scan_line,
}
}
-static efi_status_t
+static void
__gop_query32(efi_system_table_t *sys_table_arg,
struct efi_graphics_output_protocol_32 *gop32,
struct efi_graphics_output_mode_info **info,
- unsigned long *size, u64 *fb_base)
+ u64 *fb_base)
{
struct efi_graphics_output_protocol_mode_32 *mode;
- efi_graphics_output_protocol_query_mode query_mode;
- efi_status_t status;
- unsigned long m;
-
- m = gop32->mode;
- mode = (struct efi_graphics_output_protocol_mode_32 *)m;
- query_mode = (void *)(unsigned long)gop32->query_mode;
-
- status = __efi_call_early(query_mode, (void *)gop32, mode->mode, size,
- info);
- if (status != EFI_SUCCESS)
- return status;
+ mode = (void *)(unsigned long)gop32->mode;
+ *info = (void *)(unsigned long)mode->info;
*fb_base = mode->frame_buffer_base;
- return status;
}
static efi_status_t
@@ -145,9 +134,8 @@ setup_gop32(efi_system_table_t *sys_table_arg, struct screen_info *si,
if (status == EFI_SUCCESS)
conout_found = true;
- status = __gop_query32(sys_table_arg, gop32, &info, &size,
- ¤t_fb_base);
- if (status == EFI_SUCCESS && (!first_gop || conout_found) &&
+ __gop_query32(sys_table_arg, gop32, &info, ¤t_fb_base);
+ if ((!first_gop || conout_found) &&
info->pixel_format != PIXEL_BLT_ONLY) {
/*
* Systems that use the UEFI Console Splitter may
@@ -201,28 +189,17 @@ setup_gop32(efi_system_table_t *sys_table_arg, struct screen_info *si,
return EFI_SUCCESS;
}
-static efi_status_t
+static void
__gop_query64(efi_system_table_t *sys_table_arg,
struct efi_graphics_output_protocol_64 *gop64,
struct efi_graphics_output_mode_info **info,
- unsigned long *size, u64 *fb_base)
+ u64 *fb_base)
{
struct efi_graphics_output_protocol_mode_64 *mode;
- efi_graphics_output_protocol_query_mode query_mode;
- efi_status_t status;
- unsigned long m;
-
- m = gop64->mode;
- mode = (struct efi_graphics_output_protocol_mode_64 *)m;
- query_mode = (void *)(unsigned long)gop64->query_mode;
-
- status = __efi_call_early(query_mode, (void *)gop64, mode->mode, size,
- info);
- if (status != EFI_SUCCESS)
- return status;
+ mode = (void *)(unsigned long)gop64->mode;
+ *info = (void *)(unsigned long)mode->info;
*fb_base = mode->frame_buffer_base;
- return status;
}
static efi_status_t
@@ -263,9 +240,8 @@ setup_gop64(efi_system_table_t *sys_table_arg, struct screen_info *si,
if (status == EFI_SUCCESS)
conout_found = true;
- status = __gop_query64(sys_table_arg, gop64, &info, &size,
- ¤t_fb_base);
- if (status == EFI_SUCCESS && (!first_gop || conout_found) &&
+ __gop_query64(sys_table_arg, gop64, &info, ¤t_fb_base);
+ if ((!first_gop || conout_found) &&
info->pixel_format != PIXEL_BLT_ONLY) {
/*
* Systems that use the UEFI Console Splitter may
--
2.23.0
next prev parent reply other threads:[~2019-12-03 21:47 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-03 21:47 [PATCH 1/2] efi/gop: Fix return value of setup_gop32/64 Arvind Sankar
2019-12-03 21:47 ` Arvind Sankar [this message]
2019-12-04 15:11 ` [PATCH 2/2] efi/gop: Fix memory leak in __gop_query32/64 Ard Biesheuvel
2019-12-04 15:27 ` Arvind Sankar
2019-12-04 15:30 ` Ard Biesheuvel
2019-12-04 15:44 ` Arvind Sankar
2019-12-04 15:03 ` [PATCH 1/2] efi/gop: Fix return value of setup_gop32/64 Ard Biesheuvel
2019-12-04 15:23 ` Arvind Sankar
2019-12-04 15:28 ` Ard Biesheuvel
2019-12-04 15:45 ` Arvind Sankar
2019-12-04 18:17 ` [PATCH v2 0/3] Fix a couple of bugs in efi/gop.c Arvind Sankar
2019-12-05 12:06 ` Ard Biesheuvel
2019-12-04 18:17 ` [PATCH v2 1/3] efi/gop: Return EFI_NOT_FOUND if there are no usable GOP's Arvind Sankar
2019-12-04 18:17 ` [PATCH v2 2/3] efi/gop: Return EFI_SUCCESS if a usable GOP was found Arvind Sankar
2019-12-04 18:17 ` [PATCH v2 3/3] efi/gop: Fix memory leak from __gop_query32/64 Arvind Sankar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191203214728.19264-2-nivedita@alum.mit.edu \
--to=nivedita@alum.mit.edu \
--cc=ardb@kernel.org \
--cc=linux-efi@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).