lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAL_Jsq+eTmbjkOxutCLjgSSQ34yOVEQQQBtSH3v93heM_BYHRQ@mail.gmail.com>
Date:   Tue, 28 Feb 2023 17:14:18 -0600
From:   Rob Herring <robh+dt@...nel.org>
To:     Clément Léger <clement.leger@...tlin.com>,
        Saravana Kannan <saravanak@...gle.com>,
        Jean Jacques Hiblot <jjhiblot@...phandler.com>
Cc:     Frank Rowand <frowand.list@...il.com>, devicetree@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] of/irq: add missing of_node_put() for interrupt parent node

+Saravana, Jean

On Tue, Jan 17, 2023 at 8:47 AM Clément Léger <clement.leger@...tlin.com> wrote:
>
> After calling of_irq_parse_one(), the node provided in the of_phandle_args
> has a refcount increment by one. Add missing of_node_put in of_irq_get()
> to decrement the refcount once used.
>
> Signed-off-by: Clément Léger <clement.leger@...tlin.com>
> ---
>
> While debugging a refcount problem with OF_DYNAMIC enabled (which is
> actually the only case were node refcount are really used), I noticed that
> platform_get_irq() was actually incrementing the refcount of an interrupt
> controller node. Digging into that function shows that it calls
> of_irq_get() which calls of_irq_parse_one() and finally of_irq_parse_raw().
> Since it seems sane that the node returned in the of_phandle_args has a
> refcount incremented, I thought it is better to put the of_node_put() in
> the user even though it was hard to find any user doing so.

While investigating [1], I stumbled back on this. Was the failing case
you had using interrupts-extended? It looks to me like that path has a
get, but the 'interrupts' path does not. If so, this change is wrong.

Rob

[1] https://lore.kernel.org/all/20230228174019.4004581-1-jjhiblot@traphandler.com/


>
>  drivers/of/irq.c | 12 +++++++++---
>  1 file changed, 9 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/of/irq.c b/drivers/of/irq.c
> index e9bf5236ed89..174900072c18 100644
> --- a/drivers/of/irq.c
> +++ b/drivers/of/irq.c
> @@ -438,10 +438,16 @@ int of_irq_get(struct device_node *dev, int index)
>                 return rc;
>
>         domain = irq_find_host(oirq.np);
> -       if (!domain)
> -               return -EPROBE_DEFER;
> +       if (!domain) {
> +               rc = -EPROBE_DEFER;
> +               goto out;
> +       }
>
> -       return irq_create_of_mapping(&oirq);
> +       rc = irq_create_of_mapping(&oirq);
> +out:
> +       of_node_put(oirq.np);
> +
> +       return rc;
>  }
>  EXPORT_SYMBOL_GPL(of_irq_get);
>
> --
> 2.39.0
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ