From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Tyler Hicks <tyhicks@linux.microsoft.com>,
Jens Wiklander <jens.wiklander@linaro.org>,
Sumit Garg <sumit.garg@linaro.org>
Subject: [PATCH 5.4 54/85] optee: Fix memory leak when failing to register shm pages
Date: Tue, 10 Aug 2021 19:30:27 +0200 [thread overview]
Message-ID: <20210810172950.066383606@linuxfoundation.org> (raw)
In-Reply-To: <20210810172948.192298392@linuxfoundation.org>
From: Tyler Hicks <tyhicks@linux.microsoft.com>
commit ec185dd3ab257dc2a60953fdf1b6622f524cc5b7 upstream.
Free the previously allocated pages when we encounter an error condition
while attempting to register the pages with the secure world.
Fixes: a249dd200d03 ("tee: optee: Fix dynamic shm pool allocations")
Fixes: 5a769f6ff439 ("optee: Fix multi page dynamic shm pool alloc")
Cc: stable@vger.kernel.org
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/tee/optee/shm_pool.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
--- a/drivers/tee/optee/shm_pool.c
+++ b/drivers/tee/optee/shm_pool.c
@@ -32,8 +32,10 @@ static int pool_op_alloc(struct tee_shm_
struct page **pages;
pages = kcalloc(nr_pages, sizeof(pages), GFP_KERNEL);
- if (!pages)
- return -ENOMEM;
+ if (!pages) {
+ rc = -ENOMEM;
+ goto err;
+ }
for (i = 0; i < nr_pages; i++) {
pages[i] = page;
@@ -44,8 +46,14 @@ static int pool_op_alloc(struct tee_shm_
rc = optee_shm_register(shm->ctx, shm, pages, nr_pages,
(unsigned long)shm->kaddr);
kfree(pages);
+ if (rc)
+ goto err;
}
+ return 0;
+
+err:
+ __free_pages(page, order);
return rc;
}
next prev parent reply other threads:[~2021-08-10 17:40 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-10 17:29 [PATCH 5.4 00/85] 5.4.140-rc1 review Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 01/85] Revert "ACPICA: Fix memory leak caused by _CID repair function" Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 02/85] ALSA: seq: Fix racy deletion of subscriber Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 03/85] arm64: dts: ls1028a: fix node name for the sysclk Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 04/85] ARM: imx: add missing iounmap() Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 05/85] ARM: imx: add missing clk_disable_unprepare() Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 06/85] ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 07/85] ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 08/85] ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 09/85] ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out pins Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 10/85] arm64: dts: armada-3720-turris-mox: remove mrvl,i2c-fast-mode Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 11/85] ALSA: usb-audio: fix incorrect clock source setting Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 12/85] clk: stm32f4: fix post divisor setup for I2S/SAI PLLs Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 13/85] ARM: dts: am437x-l4: fix typo in can@0 node Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 14/85] omap5-board-common: remove not physically existing vdds_1v8_main fixed-regulator Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 15/85] spi: imx: mx51-ecspi: Reinstate low-speed CONFIGREG delay Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 16/85] spi: imx: mx51-ecspi: Fix low-speed CONFIGREG delay calculation Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 17/85] scsi: sr: Return correct event when media event code is 3 Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 18/85] media: videobuf2-core: dequeue if start_streaming fails Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 19/85] dmaengine: imx-dma: configure the generic DMA type to make it work Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 20/85] net, gro: Set inner transport header offset in tcp/udp GRO hook Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 21/85] net: dsa: sja1105: overwrite dynamic FDB entries with static ones in .port_fdb_add Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 22/85] net: dsa: sja1105: invalidate dynamic FDB entries learned concurrently with statically added ones Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 23/85] net: phy: micrel: Fix detection of ksz87xx switch Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 24/85] net: natsemi: Fix missing pci_disable_device() in probe and remove Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 25/85] gpio: tqmx86: really make IRQ optional Greg Kroah-Hartman
2021-08-10 17:29 ` [PATCH 5.4 26/85] sctp: move the active_key update after sh_keys is added Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 27/85] nfp: update ethtool reporting of pauseframe control Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 28/85] net: ipv6: fix returned variable type in ip6_skb_dst_mtu Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 29/85] mips: Fix non-POSIX regexp Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 30/85] bnx2x: fix an error code in bnx2x_nic_load() Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 31/85] net: pegasus: fix uninit-value in get_interrupt_interval Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 32/85] net: fec: fix use-after-free in fec_drv_remove Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 33/85] net: vxge: fix use-after-free in vxge_device_unregister Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 34/85] blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit() Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 35/85] Bluetooth: defer cleanup of resources in hci_unregister_dev() Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 36/85] USB: usbtmc: Fix RCU stall warning Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 37/85] USB: serial: option: add Telit FD980 composition 0x1056 Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 38/85] USB: serial: ch341: fix character loss at high transfer rates Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 39/85] USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 40/85] firmware_loader: use -ETIMEDOUT instead of -EAGAIN in fw_load_sysfs_fallback Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 41/85] firmware_loader: fix use-after-free in firmware_fallback_sysfs Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 42/85] ALSA: hda/realtek: add mic quirk for Acer SF314-42 Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 43/85] ALSA: usb-audio: Add registration quirk for JBL Quantum 600 Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 44/85] usb: cdns3: Fixed incorrect gadget state Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 45/85] usb: gadget: f_hid: added GET_IDLE and SET_IDLE handlers Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 46/85] usb: gadget: f_hid: fixed NULL pointer dereference Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 47/85] usb: gadget: f_hid: idle uses the highest byte for duration Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 48/85] usb: otg-fsm: Fix hrtimer list corruption Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 49/85] clk: fix leak on devm_clk_bulk_get_all() unwind Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 50/85] scripts/tracing: fix the bug that cant parse raw_trace_func Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 51/85] tracing / histogram: Give calculation hist_fields a size Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 52/85] optee: Clear stale cache entries during initialization Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 53/85] tee: add tee_shm_alloc_kernel_buf() Greg Kroah-Hartman
2021-08-10 17:30 ` Greg Kroah-Hartman [this message]
2021-08-10 17:30 ` [PATCH 5.4 55/85] tpm_ftpm_tee: Free and unregister TEE shared memory during kexec Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 56/85] staging: rtl8723bs: Fix a resource leak in sd_int_dpc Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 57/85] staging: rtl8712: get rid of flush_scheduled_work Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 58/85] media: rtl28xxu: fix zero-length control request Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 59/85] pipe: increase minimum default pipe size to 2 pages Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 60/85] ext4: fix potential htree corruption when growing large_dir directories Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 61/85] serial: tegra: Only print FIFO error message when an error occurs Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 62/85] serial: 8250_mtk: fix uart corruption issue when rx power off Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 63/85] serial: 8250: Mask out floating 16/32-bit bus bits Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 64/85] MIPS: Malta: Do not byte-swap accesses to the CBUS UART Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 65/85] serial: 8250_pci: Enumerate Elkhart Lake UARTs via dedicated driver Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 66/85] serial: 8250_pci: Avoid irq sharing for MSI(-X) interrupts Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 67/85] timers: Move clearing of base::timer_running under base:: Lock Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 68/85] pcmcia: i82092: fix a null pointer dereference bug Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 69/85] md/raid10: properly indicate failure when ending a failed write request Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 70/85] KVM: x86: accept userspace interrupt only if no event is injected Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 71/85] KVM: Do not leak memory for duplicate debugfs directories Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 72/85] KVM: x86/mmu: Fix per-cpu counter corruption on 32-bit builds Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 73/85] arm64: vdso: Avoid ISB after reading from cntvct_el0 Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 74/85] soc: ixp4xx: fix printing resources Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 75/85] spi: meson-spicc: fix memory leak in meson_spicc_remove Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 76/85] soc: ixp4xx/qmgr: fix invalid __iomem access Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 77/85] perf/x86/amd: Dont touch the AMD64_EVENTSEL_HOSTONLY bit inside the guest Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 78/85] bpf, selftests: Adjust few selftest result_unpriv outcomes Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 79/85] libata: fix ata_pio_sector for CONFIG_HIGHMEM Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 80/85] reiserfs: add check for root_inode in reiserfs_fill_super Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 81/85] reiserfs: check directory items on read from disk Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 82/85] virt_wifi: fix error on connect Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 83/85] alpha: Send stop IPI to send to online CPUs Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 84/85] net/qla3xxx: fix schedule while atomic in ql_wait_for_drvr_lock and ql_adapter_reset Greg Kroah-Hartman
2021-08-10 17:30 ` [PATCH 5.4 85/85] arm64: fix compat syscall return truncation Greg Kroah-Hartman
2021-08-11 1:09 ` [PATCH 5.4 00/85] 5.4.140-rc1 review Samuel Zou
2021-08-11 9:44 ` Sudip Mukherjee
2021-08-11 17:07 ` Naresh Kamboju
2021-08-11 19:59 ` Guenter Roeck
2021-08-11 22:21 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210810172950.066383606@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=jens.wiklander@linaro.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=sumit.garg@linaro.org \
--cc=tyhicks@linux.microsoft.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).