drm/msm: Add error handling for krealloc in metadata setup

Function msm_ioctl_gem_info_set_metadata() now checks for krealloc
failure and returns -ENOMEM, avoiding potential NULL pointer dereference.
Explicitly avoids __GFP_NOFAIL due to deadlock risks and allocation constraints.

Signed-off-by: Yuan Chen <chenyuan@kylinos.cn>
Patchwork: https://patchwork.freedesktop.org/patch/661235/
Signed-off-by: Rob Clark <robin.clark@oss.qualcomm.com>

diff --git a/drivers/gpu/drm/msm/msm_drv.c b/drivers/gpu/drm/msm/msm_drv.c
index d007687c24467d84d4d4179174764ef066c66354..f0d016ce8e11cba5bb30b60b7abc1b2c542b33f0 100644 (file)
--- a/drivers/gpu/drm/msm/msm_drv.c
+++ b/drivers/gpu/drm/msm/msm_drv.c
@@ -555,6 +555,7 @@ static int msm_ioctl_gem_info_set_metadata(struct drm_gem_object *obj,
                                           u32 metadata_size)
 {
        struct msm_gem_object *msm_obj = to_msm_bo(obj);
+       void *new_metadata;
        void *buf;
        int ret;
 
@@ -572,8 +573,14 @@ static int msm_ioctl_gem_info_set_metadata(struct drm_gem_object *obj,
        if (ret)
                goto out;
 
-       msm_obj->metadata =
+       new_metadata =
                krealloc(msm_obj->metadata, metadata_size, GFP_KERNEL);
+       if (!new_metadata) {
+               ret = -ENOMEM;
+               goto out;
+       }
+
+       msm_obj->metadata = new_metadata;
        msm_obj->metadata_size = metadata_size;
        memcpy(msm_obj->metadata, buf, metadata_size);