Re: [PATCH] media: mtk-vcodec: Fix reference count leak in mtk_vcodec_fw_scp_init

From: Nicolas Dufresne
Date: Wed Apr 02 2025 - 11:40:51 EST


On Wednesday, 02 April 2025 at 11:37 -0400, Nicolas Dufresne wrote:
> Hi,
>
> On Tuesday, 18 March 2025 at 19:05 +0800, Miaoqian Lin wrote:
> > scp_get() returns a reference that needs to be released with scp_put().
> > Add missing scp_put() before returning error in mtk_vcodec_fw_scp_init().
> >
> > Fixes: 53dbe0850444 ("media: mtk-vcodec: potential null pointer deference in SCP")
> > Signed-off-by: Miaoqian Lin <linmq006@xxxxxxxxx>
> > ---
> >  .../platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c      | 5 +++--
> >  1 file changed, 3 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c b/drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c
> > index ff23b225db70..11ab3bc60217 100644
> > --- a/drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c
> > +++ b/drivers/media/platform/mediatek/vcodec/common/mtk_vcodec_fw_scp.c
> > @@ -71,7 +71,6 @@ struct mtk_vcodec_fw *mtk_vcodec_fw_scp_init(void *priv, enum mtk_vcodec_fw_use
> >   pr_err("Invalid fw_use %d (use a reasonable fw id here)\n", fw_use);
> >   return ERR_PTR(-EINVAL);
> >   }
> > -
>
> Might sound nit-picky, but don't do style fixes in patches intended for
> backports. It increases the chance of conflicts.
>
> >   scp = scp_get(plat_dev);
> >   if (!scp) {
> >   dev_err(&plat_dev->dev, "could not get vdec scp handle");
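Review bot: The blank line deleted just before `scp = scp_get(plat_dev);` is unrelated to the reference leak and is not mentioned in the commit message, yet it accounts for one of the two deletions in the diffstat. Since the patch carries a Fixes: tag and is a backport candidate, drop this whitespace change so the patch touches only the `if (!fw)` error path.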
> > @@ -79,8 +78,10 @@ struct mtk_vcodec_fw *mtk_vcodec_fw_scp_init(void *priv, enum mtk_vcodec_fw_use
> >   }
> >  
> >   fw = devm_kzalloc(&plat_dev->dev, sizeof(*fw), GFP_KERNEL);
> > - if (!fw)
> > + if (!fw) {
> > + scp_put(scp);
> >   return ERR_PTR(-ENOMEM);
> > + }
>
> With the above style change removed:
>
> Reviewed-by: Nicolas Dufresne <nicolas.dufresne@xxxxxxxxxxxxxx>

Sorry for the noise, I see that Hans fixed and merged it already.

Nicolas

>
> >   fw->type = SCP;
> >   fw->ops = &mtk_vcodec_rproc_msg;
> >   fw->scp = scp;
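Review bot: The commit message should say where the reference kept in `fw->scp` is dropped on the normal path, because the `scp_put(scp);` added in the `if (!fw)` branch only covers the one error return visible in this hunk. Naming the release counterpart would let a reader confirm that no later error return in mtk_vcodec_fw_scp_init() still leaves the scp_get() reference held. The `!scp` branch above correctly needs no put, since no reference was taken there.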