From 62e3a3e342af3c313ab38603811ecdb1fcc79edb Mon Sep 17 00:00:00 2001

From: Prakash Kamliya <pkamliya@codeaurora.org>

Date: Mon, 4 Dec 2017 19:10:15 +0530

Subject: [PATCH] drm/msm: fix leak in failed get_pages

Git-commit: 62e3a3e342af3c313ab38603811ecdb1fcc79edb

Patch-mainline: v4.16-rc1

References: bsc#1051510

get_pages doesn't keep a reference of the pages allocated

when it fails later in the code path. This can lead to

a memory leak. Keep reference of the allocated pages so

that it can be freed when msm_gem_free_object gets called

later during cleanup.

Signed-off-by: Prakash Kamliya <pkamliya@codeaurora.org>

Signed-off-by: Sharat Masetty <smasetty@codeaurora.org>

Signed-off-by: Rob Clark <robdclark@gmail.com>

Acked-by: Takashi Iwai <tiwai@suse.de>

---

 drivers/gpu/drm/msm/msm_gem.c |   14 ++++++++++----

 1 file changed, 10 insertions(+), 4 deletions(-)

--- a/drivers/gpu/drm/msm/msm_gem.c

+++ b/drivers/gpu/drm/msm/msm_gem.c

@@ -90,14 +90,17 @@ static struct page **get_pages(struct dr

 			return p;

 		}

+		msm_obj->pages = p;

+

 		msm_obj->sgt = drm_prime_pages_to_sg(p, npages);

 		if (IS_ERR(msm_obj->sgt)) {

+			void *ptr = ERR_CAST(msm_obj->sgt);

+

 			dev_err(dev->dev, "failed to allocate sgt\n");

-			return ERR_CAST(msm_obj->sgt);

+			msm_obj->sgt = NULL;

+			return ptr;

 		}

-		msm_obj->pages = p;

-

 		/* For non-cached buffers, ensure the new pages are clean

 		 * because display controller, GPU, etc. are not coherent:

 		 */

@@ -120,7 +123,10 @@ static void put_pages(struct drm_gem_obj

 		if (msm_obj->flags & (MSM_BO_WC|MSM_BO_UNCACHED))

 			dma_unmap_sg(obj->dev->dev, msm_obj->sgt->sgl,

 					msm_obj->sgt->nents, DMA_BIDIRECTIONAL);

-		sg_free_table(msm_obj->sgt);

+

+		if (msm_obj->sgt)

+			sg_free_table(msm_obj->sgt);

+

 		kfree(msm_obj->sgt);

 		if (use_pages(obj))