From 61a4a72db873db8bc471396bd92849eeeb41f643 Mon Sep 17 00:00:00 2001
From: Vikas Kumar Sharma
Date: Fri, 31 Mar 2023 01:37:20 +0530
Subject: [PATCH] securemsm-kernel: smcinvoke: Fix KW Errors Fix usage of un-initialized variables , dereferencing of pointer after NULL check
Change-Id: I36afeaefa7f7c524fd0165420140e80ee5580503
---
 smcinvoke/smcinvoke.c | 13 +++++--------
 smcinvoke/smcinvoke_kernel.c | 5 +++--
 2 files changed, 8 insertions(+), 10 deletions(-)
diff --git a/smcinvoke/smcinvoke.c b/smcinvoke/smcinvoke.c
index 092d620565..96a44f5eb0 100644
--- a/smcinvoke/smcinvoke.c
+++ b/smcinvoke/smcinvoke.c
@@ -673,7 +673,7 @@ static void __wakeup_postprocess_kthread(struct smcinvoke_worker_thread *smcinvo
 static int smcinvoke_postprocess_kthread_func(void *data)
 {
 struct smcinvoke_worker_thread *smcinvoke_wrk_trd = data;
- const char *tag;
+ static const char *const tag[] = {"shmbridge","object","adci","invalid"};
 if (!smcinvoke_wrk_trd) {
 pr_err("Bad input.\n");
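Review bot: The new `tag[]` table in smcinvoke_postprocess_kthread_func is initialised positionally, so each string lines up with its `*_WORKER_THREAD` constant only if those constants are 0, 1 and 2 in that order, which the patch does not show. Designated initialisers would tie each name to its constant and survive a reordered enum: `[SHMB_WORKER_THREAD] = "shmbridge", [OBJECT_WORKER_THREAD] = "object", [ADCI_WORKER_THREAD] = "adci",`. The `"invalid"` entry is never indexed in the visible hunks, so it should either be used in the `default:` branch or dropped. The function body continues outside this hunk.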
@@ -688,21 +688,18 @@ static int smcinvoke_postprocess_kthread_func(void *data)
 == POST_KT_WAKEUP));
 switch (smcinvoke_wrk_trd->type) {
 case SHMB_WORKER_THREAD:
- tag = "shmbridge";
 pr_debug("kthread to %s postprocess is called %d\n",
- tag, atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
+ tag[SHMB_WORKER_THREAD], atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
 smcinvoke_shmbridge_post_process();
 break;
 case OBJECT_WORKER_THREAD:
- tag = "object";
 pr_debug("kthread to %s postprocess is called %d\n",
- tag, atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
+ tag[OBJECT_WORKER_THREAD], atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
 smcinvoke_object_post_process();
 break;
 case ADCI_WORKER_THREAD:
- tag = "adci";
 pr_debug("kthread to %s postprocess is called %d\n",
- tag, atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
+ tag[ADCI_WORKER_THREAD], atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
 smcinvoke_start_adci_thread();
 break;
 default:
@@ -722,7 +719,7 @@ static int smcinvoke_postprocess_kthread_func(void *data)
 atomic_set(&smcinvoke_wrk_trd->postprocess_kthread_state,
 POST_KT_SLEEP);
 }
- pr_warn("kthread to %s postprocess stopped\n", tag);
+ pr_warn("kthread(worker_thread) processed, worker_thread type is %d \n", smcinvoke_wrk_trd->type);
 return 0;
 }
diff --git a/smcinvoke/smcinvoke_kernel.c b/smcinvoke/smcinvoke_kernel.c
index 58ff8d36cb..0333d8c683 100644
--- a/smcinvoke/smcinvoke_kernel.c
+++ b/smcinvoke/smcinvoke_kernel.c
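Review bot: The replacement `pr_warn` at the end of smcinvoke_postprocess_kthread_func (last hunk of smcinvoke/smcinvoke.c) now says the kthread was "processed" where the old message said it "stopped", and it leaves a space before `\n`. The loop that leads here is outside the hunk, but if this line is still reached only when the worker exits, the old wording is what someone reading the kernel log needs in order to tell a thread exit from a normal wake-up. I would keep the meaning and only swap the argument: `pr_warn("kthread to postprocess stopped, worker_thread type is %d\n", smcinvoke_wrk_trd->type);`. The statement is also long enough that the argument would normally go on a continuation line.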
@@ -445,14 +445,15 @@ exit_free_cxt: static int __qseecom_shutdown_app(struct qseecom_handle **handle) { - struct qseecom_compat_context *cxt = - (struct qseecom_compat_context *)(*handle); + struct qseecom_compat_context *cxt = NULL; if ((handle == NULL) || (*handle == NULL)) { pr_err("Handle is NULL\n"); return -EINVAL; } + cxt = (struct qseecom_compat_context *)(*handle); + qtee_shmbridge_free_shm(&cxt->shm); Object_release(cxt->app_controller); Object_release(cxt->app_loader);
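Review bot: The cast `cxt = (struct qseecom_compat_context *)(*handle);` in __qseecom_shutdown_app treats the caller's `struct qseecom_handle *` as a larger context object, and nothing in the hunk states or checks that the handle was allocated that way. A handle from any other source would make the following `qtee_shmbridge_free_shm(&cxt->shm)` and `Object_release()` calls operate on memory beyond the handle. I would document the invariant directly above the cast, for example `/* *handle must be a handle created by this file; it is the head of a qseecom_compat_context */`, worded to match however the handle is actually created. If the context embeds the handle as a member, deriving `cxt` with `container_of()` would make the relationship explicit. The structure definitions and the rest of the function are outside the hunk, so the layout assumption described here is inferred.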