On Mon, 9 Dec 2024 at 15:28, Krzysztof Kozlowski
<krzysztof.kozlowski@xxxxxxxxxx> wrote:
>
> Commit ca61d6836e6f ("firmware: qcom: scm: fix a NULL-pointer
> dereference") makes it explicit that qcom_scm_get_tzmem_pool() can
> return NULL, therefore its users should handle this.
>
> Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@xxxxxxxxxx>
> ---
> drivers/firmware/qcom/qcom_scm-smc.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/drivers/firmware/qcom/qcom_scm-smc.c b/drivers/firmware/qcom/qcom_scm-smc.c
> index 2b4c2826f57251f25a1bc37c3b467dde28e1268b..3f10b23ec941b558e1d91761011776bb5c9d11b5 100644
> --- a/drivers/firmware/qcom/qcom_scm-smc.c
> +++ b/drivers/firmware/qcom/qcom_scm-smc.c
> @@ -173,6 +173,9 @@ int __scm_smc_call(struct device *dev, const struct qcom_scm_desc *desc,
> smc.args[i + SCM_SMC_FIRST_REG_IDX] = desc->args[i];
>
> if (unlikely(arglen > SCM_SMC_N_REG_ARGS)) {
> + if (!mempool)
> + return -EINVAL;
> +
> args_virt = qcom_tzmem_alloc(mempool,
> SCM_SMC_N_EXT_ARGS * sizeof(u64),
> flag);
>
> --
> 2.43.0
>
Reviewed-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx>
