dma-direct: check return value when encrypting or decrypting memory

__change_page_attr() can fail which will cause set_memory_encrypted() and set_memory_decrypted() to return non-zero. If the device requires unencrypted DMA memory and decryption fails, simply free the memory and fail. If attempting to re-encrypt in the failure path and that encryption fails, there is no alternative other than to leak the memory. Fixes: c10f07aa27 ("dma/direct: Handle force decryption for DMA coherent buffers in common code") Signed-off-by: David Rientjes <rientjes@google.com> Signed-off-by: Christoph Hellwig <hch@lst.de>
2020-06-11 12:20:30 -07:00 · 2020-06-11 12:20:30 -07:00 · 56fccf21d1
parent 96a539fa3b
commit 56fccf21d1
1 changed files with 14 additions and 5 deletions
--- a/kernel/dma/direct.c
+++ b/kernel/dma/direct.c
@ -158,6 +158,7 @@ void *dma_direct_alloc_pages(struct device *dev, size_t size,
 {
 	struct page *page;
 	void *ret;
 	int err;
 	size = PAGE_ALIGN(size);
@ -210,8 +211,12 @@ void *dma_direct_alloc_pages(struct device *dev, size_t size,
 	}
 	ret = page_address(page);
-	if (force_dma_unencrypted(dev))
+	if (force_dma_unencrypted(dev)) {
-		set_memory_decrypted((unsigned long)ret, 1 << get_order(size));
+		err = set_memory_decrypted((unsigned long)ret,
 					   1 << get_order(size));
 		if (err)
 			goto out_free_pages;
 	}
 	memset(ret, 0, size);
@ -230,9 +235,13 @@ done:
 	return ret;
 out_encrypt_pages:
-	if (force_dma_unencrypted(dev))
+	if (force_dma_unencrypted(dev)) {
-		set_memory_encrypted((unsigned long)page_address(page),
+		err = set_memory_encrypted((unsigned long)page_address(page),
-				     1 << get_order(size));
+					   1 << get_order(size));
 		/* If memory cannot be re-encrypted, it must be leaked */
 		if (err)
 			return NULL;
 	}
 out_free_pages:
 	dma_free_contiguous(dev, page, size);
 	return NULL;