| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a0921920-d381-4a67-8b4d-d91e5319a354@csgroup.eu>
Date: Tue, 4 Nov 2025 18:26:48 +0100
From: Christophe Leroy <christophe.leroy@...roup.eu>
To: Miaoqian Lin <linmq006@...il.com>,
Madhavan Srinivasan <maddy@...ux.ibm.com>,
Michael Ellerman <mpe@...erman.id.au>, Nicholas Piggin <npiggin@...il.com>,
"Jiri Slaby (SUSE)" <jirislaby@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Albert Herranz <albert_herranz@...oo.es>,
Grant Likely <grant.likely@...retlab.ca>,
Segher Boessenkool <segher@...nel.crashing.org>,
linuxppc-dev@...ts.ozlabs.org, linux-kernel@...r.kernel.org
Cc: stable@...r.kernel.org
Subject: Re: [PATCH] powerpc/flipper-pic: Fix device node reference leak in
flipper_pic_init
Le 27/10/2025 à 16:09, Miaoqian Lin a écrit :
> The flipper_pic_init() function calls of_get_parent() which increases
> the device node reference count, but fails to call of_node_put() to
> balance the reference count.
>
> Add calls to of_node_put() in all paths to fix the leak.
>
> Found via static analysis.
>
> Fixes: 028ee972f032 ("powerpc: gamecube/wii: flipper interrupt controller support")
> Cc: stable@...r.kernel.org
> Signed-off-by: Miaoqian Lin <linmq006@...il.com>
> ---
> arch/powerpc/platforms/embedded6xx/flipper-pic.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/arch/powerpc/platforms/embedded6xx/flipper-pic.c b/arch/powerpc/platforms/embedded6xx/flipper-pic.c
> index 91a8f0a7086e..cf6f795c8d76 100644
> --- a/arch/powerpc/platforms/embedded6xx/flipper-pic.c
> +++ b/arch/powerpc/platforms/embedded6xx/flipper-pic.c
> @@ -135,13 +135,13 @@ static struct irq_domain * __init flipper_pic_init(struct device_node *np)
> }
> if (!of_device_is_compatible(pi, "nintendo,flipper-pi")) {
> pr_err("unexpected parent compatible\n");
> - goto out;
> + goto out_put_node;
> }
>
> retval = of_address_to_resource(pi, 0, &res);
> if (retval) {
> pr_err("no io memory range found\n");
> - goto out;
> + goto out_put_node;
> }
> io_base = ioremap(res.start, resource_size(&res));
>
> @@ -154,9 +154,12 @@ static struct irq_domain * __init flipper_pic_init(struct device_node *np)
> &flipper_irq_domain_ops, io_base);
> if (!irq_domain) {
> pr_err("failed to allocate irq_domain\n");
> + of_node_put(pi);
irq_domain is NULL here so instead of adding this of_node_put() you
could just remove below 'return NULL' (and the {} of the if) and
fallthrough.
> return NULL;
> }
>
> +out_put_node:
> + of_node_put(pi);
> out:
> return irq_domain;
> }
Powered by blists - more mailing lists