From 3cc1c6de458e0e58c413c3c35802ca96e55bbdbe Mon Sep 17 00:00:00 2001
From: Xiaoke Wang <xkernel.wang@foxmail.com>
Date: Mon, 13 Dec 2021 16:27:15 +0800
Subject: [PATCH] thunderbolt: Check return value of kmemdup() in
icm_handle_event()
References: jsc#SLE-19358
Patch-mainline: v5.17-rc1
Git-commit: 3cc1c6de458e0e58c413c3c35802ca96e55bbdbe
kmemdup() may return NULL if there is not enough memory available. Check
this and bail out early in this case. While there move INIT_WORK() to
happen after we have allocated all the memory needed for the event
handling to avoid doing unnecessary work.
Signed-off-by: Xiaoke Wang <xkernel.wang@foxmail.com>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>
Signed-off-by: Oliver Neukum <oneukum@suse.com>
---
drivers/thunderbolt/icm.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/thunderbolt/icm.c b/drivers/thunderbolt/icm.c
index 6255f1ef9599..fff0c740c8f3 100644
--- a/drivers/thunderbolt/icm.c
+++ b/drivers/thunderbolt/icm.c
@@ -1741,8 +1741,13 @@ static void icm_handle_event(struct tb *tb, enum tb_cfg_pkg_type type,
if (!n)
return;
- INIT_WORK(&n->work, icm_handle_notification);
n->pkg = kmemdup(buf, size, GFP_KERNEL);
+ if (!n->pkg) {
+ kfree(n);
+ return;
+ }
+
+ INIT_WORK(&n->work, icm_handle_notification);
n->tb = tb;
queue_work(tb->wq, &n->work);
--
2.26.2