From 3cc1c6de458e0e58c413c3c35802ca96e55bbdbe Mon Sep 17 00:00:00 2001
From: Xiaoke Wang <xkernel.wang@foxmail.com>
Date: Mon, 13 Dec 2021 16:27:15 +0800
Subject: [PATCH] thunderbolt: Check return value of kmemdup() in
 icm_handle_event()
References: jsc#SLE-19358
Patch-mainline: v5.17-rc1
Git-commit: 3cc1c6de458e0e58c413c3c35802ca96e55bbdbe

kmemdup() may return NULL if there is not enough memory available. Check
this and bail out early in this case. While there move INIT_WORK() to
happen after we have allocated all the memory needed for the event
handling to avoid doing unnecessary work.

Signed-off-by: Xiaoke Wang <xkernel.wang@foxmail.com>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Signed-off-by: Oliver Neukum <oneukum@suse.com>
---
 drivers/thunderbolt/icm.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/thunderbolt/icm.c b/drivers/thunderbolt/icm.c
index 6255f1ef9599..fff0c740c8f3 100644
--- a/drivers/thunderbolt/icm.c
+++ b/drivers/thunderbolt/icm.c
@@ -1741,8 +1741,13 @@ static void icm_handle_event(struct tb *tb, enum tb_cfg_pkg_type type,
 	if (!n)
 		return;
 
-	INIT_WORK(&n->work, icm_handle_notification);
 	n->pkg = kmemdup(buf, size, GFP_KERNEL);
+	if (!n->pkg) {
+		kfree(n);
+		return;
+	}
+
+	INIT_WORK(&n->work, icm_handle_notification);
 	n->tb = tb;
 
 	queue_work(tb->wq, &n->work);
-- 
2.26.2