[PATCH 5.13 112/175] optee: Fix memory leak when failing to register shm pages
From: Greg Kroah-Hartman
Date: Tue Aug 10 2021 - 14:02:40 EST
From: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxxx>
commit ec185dd3ab257dc2a60953fdf1b6622f524cc5b7 upstream.
Free the previously allocated pages when we encounter an error condition
while attempting to register the pages with the secure world.
Fixes: a249dd200d03 ("tee: optee: Fix dynamic shm pool allocations")
Fixes: 5a769f6ff439 ("optee: Fix multi page dynamic shm pool alloc")
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxxx>
Reviewed-by: Jens Wiklander <jens.wiklander@xxxxxxxxxx>
Reviewed-by: Sumit Garg <sumit.garg@xxxxxxxxxx>
Signed-off-by: Jens Wiklander <jens.wiklander@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
drivers/tee/optee/shm_pool.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
--- a/drivers/tee/optee/shm_pool.c
+++ b/drivers/tee/optee/shm_pool.c
@@ -36,8 +36,10 @@ static int pool_op_alloc(struct tee_shm_
struct page **pages;
pages = kcalloc(nr_pages, sizeof(pages), GFP_KERNEL);
- if (!pages)
- return -ENOMEM;
+ if (!pages) {
+ rc = -ENOMEM;
+ goto err;
+ }
for (i = 0; i < nr_pages; i++) {
pages[i] = page;
@@ -48,8 +50,14 @@ static int pool_op_alloc(struct tee_shm_
rc = optee_shm_register(shm->ctx, shm, pages, nr_pages,
(unsigned long)shm->kaddr);
kfree(pages);
+ if (rc)
+ goto err;
}
+ return 0;
+
+err:
+ __free_pages(page, order);
return rc;
}