crypto: hisilicon - fixed memory allocation error

[ Upstream commit 24efcec2919afa7d56f848c83a605b46c8042a53 ]

1. Fix the bug of 'mac' memory leak as allocating 'pbuf' failing.
2. Fix the bug of 'qps' leak as allocating 'qp_ctx' failing.

Signed-off-by: Longfang Liu <liulongfang@huawei.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/drivers/crypto/hisilicon/sec2/sec_crypto.c b/drivers/crypto/hisilicon/sec2/sec_crypto.c
index 64614a9bdf219fa0978fe4f07d00e8c3a8e0293d..047826f18bd35e925b4a6185f29a1a32292f1f2c 100644 (file)
--- a/drivers/crypto/hisilicon/sec2/sec_crypto.c
+++ b/drivers/crypto/hisilicon/sec2/sec_crypto.c
@@ -332,11 +332,14 @@ static int sec_alg_resource_alloc(struct sec_ctx *ctx,
                ret = sec_alloc_pbuf_resource(dev, res);
                if (ret) {
                        dev_err(dev, "fail to alloc pbuf dma resource!\n");
-                       goto alloc_fail;
+                       goto alloc_pbuf_fail;
                }
        }
 
        return 0;
+alloc_pbuf_fail:
+       if (ctx->alg_type == SEC_AEAD)
+               sec_free_mac_resource(dev, qp_ctx->res);
 alloc_fail:
        sec_free_civ_resource(dev, res);
 
@@ -447,8 +450,10 @@ static int sec_ctx_base_init(struct sec_ctx *ctx)
        ctx->fake_req_limit = QM_Q_DEPTH >> 1;
        ctx->qp_ctx = kcalloc(sec->ctx_q_num, sizeof(struct sec_qp_ctx),
                              GFP_KERNEL);
-       if (!ctx->qp_ctx)
-               return -ENOMEM;
+       if (!ctx->qp_ctx) {
+               ret = -ENOMEM;
+               goto err_destroy_qps;
+       }
 
        for (i = 0; i < sec->ctx_q_num; i++) {
                ret = sec_create_qp_ctx(&sec->qm, ctx, i, 0);
@@ -457,12 +462,15 @@ static int sec_ctx_base_init(struct sec_ctx *ctx)
        }
 
        return 0;
+
 err_sec_release_qp_ctx:
        for (i = i - 1; i >= 0; i--)
                sec_release_qp_ctx(ctx, &ctx->qp_ctx[i]);
 
-       sec_destroy_qps(ctx->qps, sec->ctx_q_num);
        kfree(ctx->qp_ctx);
+err_destroy_qps:
+       sec_destroy_qps(ctx->qps, sec->ctx_q_num);
+
        return ret;
 }