samsung-sm8650/android_kernel_samsung_sm8650-modules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

securemsm-kernel: smcinvoke: Fix KW Errors

Browse Source 
Fix usage of un-initialized variables , dereferencing of pointer after NULL check

Change-Id: I36afeaefa7f7c524fd0165420140e80ee5580503
This commit is contained in:
Vikas Kumar Sharma
2023-03-31 01:37:20 +05:30
committed by Gerrit - the friendly Code Review server
parent 8083b9b690
commit 61a4a72db8
2 changed files with 8 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
smcinvoke/smcinvoke.c
View File

@@ -673,7 +673,7 @@ static void __wakeup_postprocess_kthread(struct smcinvoke_worker_thread *smcinvo
static int smcinvoke_postprocess_kthread_func(void *data) static int smcinvoke_postprocess_kthread_func(void *data)
{ {
struct smcinvoke_worker_thread *smcinvoke_wrk_trd = data; struct smcinvoke_worker_thread *smcinvoke_wrk_trd = data;
const char *tag; static const char *const tag[] = {"shmbridge","object","adci","invalid"};
if (!smcinvoke_wrk_trd) { if (!smcinvoke_wrk_trd) {
pr_err("Bad input.\n"); pr_err("Bad input.\n");
@@ -688,21 +688,18 @@ static int smcinvoke_postprocess_kthread_func(void *data)
== POST_KT_WAKEUP)); == POST_KT_WAKEUP));
switch (smcinvoke_wrk_trd->type) { switch (smcinvoke_wrk_trd->type) {
case SHMB_WORKER_THREAD: case SHMB_WORKER_THREAD:
tag = "shmbridge";
pr_debug("kthread to %s postprocess is called %d\n", pr_debug("kthread to %s postprocess is called %d\n",
tag, atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state)); tag[SHMB_WORKER_THREAD], atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
smcinvoke_shmbridge_post_process(); smcinvoke_shmbridge_post_process();
break; break;
case OBJECT_WORKER_THREAD: case OBJECT_WORKER_THREAD:
tag = "object";
pr_debug("kthread to %s postprocess is called %d\n", pr_debug("kthread to %s postprocess is called %d\n",
tag, atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state)); tag[OBJECT_WORKER_THREAD], atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
smcinvoke_object_post_process(); smcinvoke_object_post_process();
break; break;
case ADCI_WORKER_THREAD: case ADCI_WORKER_THREAD:
tag = "adci";
pr_debug("kthread to %s postprocess is called %d\n", pr_debug("kthread to %s postprocess is called %d\n",
tag, atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state)); tag[ADCI_WORKER_THREAD], atomic_read(&smcinvoke_wrk_trd->postprocess_kthread_state));
smcinvoke_start_adci_thread(); smcinvoke_start_adci_thread();
break; break;
default: default:
@@ -722,7 +719,7 @@ static int smcinvoke_postprocess_kthread_func(void *data)
atomic_set(&smcinvoke_wrk_trd->postprocess_kthread_state, atomic_set(&smcinvoke_wrk_trd->postprocess_kthread_state,
POST_KT_SLEEP); POST_KT_SLEEP);
} }
pr_warn("kthread to %s postprocess stopped\n", tag); pr_warn("kthread(worker_thread) processed, worker_thread type is %d \n", smcinvoke_wrk_trd->type);
return 0; return 0;
} }

5
smcinvoke/smcinvoke_kernel.c
View File

@@ -445,14 +445,15 @@ exit_free_cxt:
static int __qseecom_shutdown_app(struct qseecom_handle **handle) static int __qseecom_shutdown_app(struct qseecom_handle **handle)
{ {
struct qseecom_compat_context *cxt =
(struct qseecom_compat_context *)(*handle);
struct qseecom_compat_context *cxt = NULL;
if ((handle == NULL) || (*handle == NULL)) { if ((handle == NULL) || (*handle == NULL)) {
pr_err("Handle is NULL\n"); pr_err("Handle is NULL\n");
return -EINVAL; return -EINVAL;
} }
cxt = (struct qseecom_compat_context *)(*handle);
qtee_shmbridge_free_shm(&cxt->shm); qtee_shmbridge_free_shm(&cxt->shm);
Object_release(cxt->app_controller); Object_release(cxt->app_controller);
Object_release(cxt->app_loader); Object_release(cxt->app_loader);