[PATCH v2 2/2] firmware: qcom: qcom_tzmem: Implement sanity checks

From: Kuldeep Singh
Date: Mon Oct 14 2024 - 07:19:49 EST


The qcom_tzmem driver currently has exposed APIs that lack validations
on required input parameters. This oversight can lead to unexpected null
pointer dereference crashes.

To address this issue, add sanity for required input parameters.

Signed-off-by: Kuldeep Singh <quic_kuldsing@xxxxxxxxxxx>
---
drivers/firmware/qcom/qcom_tzmem.c | 6 ++++++
1 file changed, 6 insertions(+)

diff --git a/drivers/firmware/qcom/qcom_tzmem.c b/drivers/firmware/qcom/qcom_tzmem.c
index 92b365178235..977e48fec32f 100644
--- a/drivers/firmware/qcom/qcom_tzmem.c
+++ b/drivers/firmware/qcom/qcom_tzmem.c
@@ -203,6 +203,9 @@ qcom_tzmem_pool_new(const struct qcom_tzmem_pool_config *config)

might_sleep();

+ if (!config->policy)
+ return ERR_PTR(-EINVAL);
+
switch (config->policy) {
case QCOM_TZMEM_POLICY_STATIC:
if (!config->initial_size)
@@ -412,6 +415,9 @@ void qcom_tzmem_free(void *vaddr)
{
struct qcom_tzmem_chunk *chunk;

+ if (!vaddr)
+ return;
+
scoped_guard(spinlock_irqsave, &qcom_tzmem_chunks_lock)
chunk = radix_tree_delete_item(&qcom_tzmem_chunks,
(unsigned long)vaddr, NULL);
--
2.34.1