Commit 5bd4f20d authored Aug 28, 2021 by liuyuntao Committed by Gerd Hoffmann Sep 17, 2021

virtio-gpu: fix possible memory allocation failure



When kmem_cache_zalloc in virtio_gpu_get_vbuf fails, it will return
an error code. But none of its callers checks this error code, and
a core dump will take place.

Considering many of its callers can't handle such error, I add
a __GFP_NOFAIL flag when calling kmem_cache_zalloc to make sure
it won't fail, and delete those unused error handlings.

Fixes: dc5698e8 ("Add virtio gpu driver.")
Signed-off-by: Yuntao Liu <liuyuntao10@huawei.com>
Link: http://patchwork.freedesktop.org/patch/msgid/20210828104321.3410312-1-liuyuntao10@huawei.com


Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

parent 91241ee2

drivers/gpu/drm/virtio/virtgpu_vq.c

+1 −7

Original line number	Diff line number	Diff line
		@@ -91,9 +91,7 @@ virtio_gpu_get_vbuf(struct virtio_gpu_device *vgdev,
		{
		struct virtio_gpu_vbuffer *vbuf;

		vbuf = kmem_cache_zalloc(vgdev->vbufs, GFP_KERNEL);
		if (!vbuf)
		return ERR_PTR(-ENOMEM);
		vbuf = kmem_cache_zalloc(vgdev->vbufs, GFP_KERNEL \| __GFP_NOFAIL);

		BUG_ON(size > MAX_INLINE_CMD_SIZE \|\|
		size < sizeof(struct virtio_gpu_ctrl_hdr));
		@@ -147,10 +145,6 @@ static void virtio_gpu_alloc_cmd_resp(struct virtio_gpu_device vgdev,

		vbuf = virtio_gpu_get_vbuf(vgdev, cmd_size,
		resp_size, resp_buf, cb);
		if (IS_ERR(vbuf)) {
		*vbuffer_p = NULL;
		return ERR_CAST(vbuf);
		}
		*vbuffer_p = vbuf;
		return (struct virtio_gpu_command *)vbuf->buf;
		}