drm/nouveau/gsp: fix potential leak of memory used during acpi init (d133036a) · Commits · git / linux-net

drivers/gpu/drm/nouveau/nvkm/subdev/gsp/rm/r535/gsp.c

+14 −6

Original line number	Diff line number	Diff line
		@@ -719,7 +719,6 @@ r535_gsp_acpi_caps(acpi_handle handle, CAPS_METHOD_DATA *caps)
		union acpi_object argv4 = {
		.buffer.type = ACPI_TYPE_BUFFER,
		.buffer.length = 4,
		.buffer.pointer = kmalloc(argv4.buffer.length, GFP_KERNEL),
		}, *obj;

		caps->status = 0xffff;
		@@ -727,17 +726,22 @@ r535_gsp_acpi_caps(acpi_handle handle, CAPS_METHOD_DATA *caps)
		if (!acpi_check_dsm(handle, &NVOP_DSM_GUID, NVOP_DSM_REV, BIT_ULL(0x1a)))
		return;

		argv4.buffer.pointer = kmalloc(argv4.buffer.length, GFP_KERNEL);
		if (!argv4.buffer.pointer)
		return;

		obj = acpi_evaluate_dsm(handle, &NVOP_DSM_GUID, NVOP_DSM_REV, 0x1a, &argv4);
		if (!obj)
		return;
		goto done;

		if (WARN_ON(obj->type != ACPI_TYPE_BUFFER) \|\|
		WARN_ON(obj->buffer.length != 4))
		return;
		goto done;

		caps->status = 0;
		caps->optimusCaps = (u32 )obj->buffer.pointer;

		done:
		ACPI_FREE(obj);

		kfree(argv4.buffer.pointer);
		@@ -754,24 +758,28 @@ r535_gsp_acpi_jt(acpi_handle handle, JT_METHOD_DATA *jt)
		union acpi_object argv4 = {
		.buffer.type = ACPI_TYPE_BUFFER,
		.buffer.length = sizeof(caps),
		.buffer.pointer = kmalloc(argv4.buffer.length, GFP_KERNEL),
		}, *obj;

		jt->status = 0xffff;

		argv4.buffer.pointer = kmalloc(argv4.buffer.length, GFP_KERNEL);
		if (!argv4.buffer.pointer)
		return;

		obj = acpi_evaluate_dsm(handle, &JT_DSM_GUID, JT_DSM_REV, 0x1, &argv4);
		if (!obj)
		return;
		goto done;

		if (WARN_ON(obj->type != ACPI_TYPE_BUFFER) \|\|
		WARN_ON(obj->buffer.length != 4))
		return;
		goto done;

		jt->status = 0;
		jt->jtCaps = (u32 )obj->buffer.pointer;
		jt->jtRevId = (jt->jtCaps & 0xfff00000) >> 20;
		jt->bSBIOSCaps = 0;

		done:
		ACPI_FREE(obj);

		kfree(argv4.buffer.pointer);