[PATCH 3/3] staging: android: ion: Avoid calling free_duped_table() twice

[Archit Taneja]

Currently, the duplicated sg table is freed in the detach() and
the error path of map_dma_buf() ion's dma_buf_ops.

If a call to dma_buf_map_attachment() fails, the importer is
expected to call dma_buf_detach() to remove the attachment. This
will result in us trying to free the duped sg table twice.

Don't call free_duped_table() in ion_map_dma_buf() to avoid this.

Signed-off-by: Archit Taneja <architt@xxxxxxxxxxxxxx>
---
 drivers/staging/android/ion/ion.c | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/drivers/staging/android/ion/ion.c b/drivers/staging/android/ion/ion.c
index 90ae6ce466ed..b483e1081309 100644
--- a/drivers/staging/android/ion/ion.c
+++ b/drivers/staging/android/ion/ion.c
@@ -268,20 +268,14 @@ static struct sg_table *ion_map_dma_buf(struct dma_buf_attachment *attachment,
 {
 	struct ion_dma_buf_attachment *a = attachment->priv;
 	struct sg_table *table;
-	int ret;
 
 	table = a->table;
 
 	if (!dma_map_sg(attachment->dev, table->sgl, table->nents,
-			direction)){
-		ret = -ENOMEM;
-		goto err;
-	}
-	return table;
+			direction))
+		return ERR_PTR(-ENOMEM);
 
-err:
-	free_duped_table(table);
-	return ERR_PTR(ret);
+	return table;
 }
 
 static void ion_unmap_dma_buf(struct dma_buf_attachment *attachment,
-- 
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
hosted by The Linux Foundation