msm: kgsl: Don't release context twice in kgsl_add_fence_event
In cases where copy_to_user() in kgsl_add_fence_event fails,
kgsl_context_put() gets called twice on the same context. After the
first call to kgsl_context_put(), just put the context to NULL. It's not
used anymore, and the second release will end up being a no-op.
CTS: This doesn't seem to be directly related to the tested CVE, but the
PoC causes a kernel panic, which gets fixed with this commit. Patches
for the CVE are already in the history.
Issue: SEC-2433
Test: run cts -m CtsSecurityBulletinHostTestCases
-t android.security.cts.Poc17_01#testPocCVE_2016_8434
Change-Id: Iad77d0c582f28c9a2dea074672eced883560287d
1 file changed