virtio-gpu: fix possible memory allocation failure
authorliuyuntao <liuyuntao10@huawei.com>
Sat, 28 Aug 2021 10:43:21 +0000 (18:43 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 18 Nov 2021 18:16:23 +0000 (19:16 +0100)
[ Upstream commit 5bd4f20de8acad37dbb3154feb34dbc36d506c02 ]

When kmem_cache_zalloc in virtio_gpu_get_vbuf fails, it will return
an error code. But none of its callers checks this error code, and
a core dump will take place.

Considering many of its callers can't handle such error, I add
a __GFP_NOFAIL flag when calling kmem_cache_zalloc to make sure
it won't fail, and delete those unused error handlings.

Fixes: dc5698e80cf724 ("Add virtio gpu driver.")
Signed-off-by: Yuntao Liu <liuyuntao10@huawei.com>
Link: http://patchwork.freedesktop.org/patch/msgid/20210828104321.3410312-1-liuyuntao10@huawei.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/gpu/drm/virtio/virtgpu_vq.c

index 2e71e91..93a41d0 100644 (file)
@@ -91,9 +91,7 @@ virtio_gpu_get_vbuf(struct virtio_gpu_device *vgdev,
 {
        struct virtio_gpu_vbuffer *vbuf;
 
-       vbuf = kmem_cache_zalloc(vgdev->vbufs, GFP_KERNEL);
-       if (!vbuf)
-               return ERR_PTR(-ENOMEM);
+       vbuf = kmem_cache_zalloc(vgdev->vbufs, GFP_KERNEL | __GFP_NOFAIL);
 
        BUG_ON(size > MAX_INLINE_CMD_SIZE ||
               size < sizeof(struct virtio_gpu_ctrl_hdr));
@@ -147,10 +145,6 @@ static void *virtio_gpu_alloc_cmd_resp(struct virtio_gpu_device *vgdev,
 
        vbuf = virtio_gpu_get_vbuf(vgdev, cmd_size,
                                   resp_size, resp_buf, cb);
-       if (IS_ERR(vbuf)) {
-               *vbuffer_p = NULL;
-               return ERR_CAST(vbuf);
-       }
        *vbuffer_p = vbuf;
        return (struct virtio_gpu_command *)vbuf->buf;
 }