drm/msm/gem: Add check for kmalloc

[ Upstream commit d839f0811a31322c087a859c2b181e2383daa7be ] Add the check for the return value of kmalloc in order to avoid NULL pointer dereference in copy_from_user. Fixes: 20224d715a88 ("drm/msm/submit: Move copy_from_user ahead of locking bos") Signed-off-by: Jiasheng Jiang <jiasheng@iscas.ac.cn> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Patchwork: https://patchwork.freedesktop.org/patch/514678/ Link: https://lore.kernel.org/r/20221212091117.43511-1-jiasheng@iscas.ac.cn Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Jiasheng Jiang <jiasheng@iscas.ac.cn> 2022-12-12 12:11:17 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2023-03-10 11:28:30 +0300
commit: abadeef9a82f86e6668759259adbcf8be6f44a9b (patch)
tree: 80484b042f57fcd741ffda0ebc14bd9863eeeebf
parent: ad7da026e8a4b412bfc37e1341c417b2d4b9d9f6 (diff)
download: linux-abadeef9a82f86e6668759259adbcf8be6f44a9b.tar.xz
1 files changed, 4 insertions, 0 deletions
diff --git a/drivers/gpu/drm/msm/msm_gem_submit.c b/drivers/gpu/drm/msm/msm_gem_submit.c
index 73a2ca122c57..1c4be193fd23 100644
--- a/drivers/gpu/drm/msm/msm_gem_submit.c
+++ b/drivers/gpu/drm/msm/msm_gem_submit.c
@@ -209,6 +209,10 @@ static int submit_lookup_cmds(struct msm_gem_submit *submit,
 			goto out;
 		}
 		submit->cmd[i].relocs = kmalloc(sz, GFP_KERNEL);
+		if (!submit->cmd[i].relocs) {
+			ret = -ENOMEM;
+			goto out;
+		}
 		ret = copy_from_user(submit->cmd[i].relocs, userptr, sz);
 		if (ret) {
 			ret = -EFAULT;
author	Jiasheng Jiang <jiasheng@iscas.ac.cn>	2022-12-12 12:11:17 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2023-03-10 11:28:30 +0300
commit	abadeef9a82f86e6668759259adbcf8be6f44a9b (patch)
tree	80484b042f57fcd741ffda0ebc14bd9863eeeebf
parent	ad7da026e8a4b412bfc37e1341c417b2d4b9d9f6 (diff)
download	linux-abadeef9a82f86e6668759259adbcf8be6f44a9b.tar.xz