[PATCH 4.9 40/83] genirq: Properly pair kobject_del() with kobject_add()

From: Greg Kroah-Hartman
Date: Wed Sep 04 2019 - 14:00:13 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.9 39/83] dm table: fix invalid memory accesses with too high sector number"
Previous message: Greg Kroah-Hartman: "[PATCH 4.9 38/83] dm space map metadata: fix missing store of apply_bops() return value"
In reply to: Greg Kroah-Hartman: "[PATCH 4.9 38/83] dm space map metadata: fix missing store of apply_bops() return value"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.9 39/83] dm table: fix invalid memory accesses with too high sector number"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Michael Kelley <mikelley@xxxxxxxxxxxxx>

commit d0ff14fdc987303aeeb7de6f1bd72c3749ae2a9b upstream.

If alloc_descs() fails before irq_sysfs_init() has run, free_desc() in the
cleanup path will call kobject_del() even though the kobject has not been
added with kobject_add().

Fix this by making the call to kobject_del() conditional on whether
irq_sysfs_init() has run.

This problem surfaced because commit aa30f47cf666 ("kobject: Add support
for default attribute groups to kobj_type") makes kobject_del() stricter
about pairing with kobject_add(). If the pairing is incorrrect, a WARNING
and backtrace occur in sysfs_remove_group() because there is no parent.

[ tglx: Add a comment to the code and make it work with CONFIG_SYSFS=n ]

Fixes: ecb3f394c5db ("genirq: Expose interrupt information through sysfs")
Signed-off-by: Michael Kelley <mikelley@xxxxxxxxxxxxx>
Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
Acked-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Link: https://lkml.kernel.org/r/1564703564-4116-1-git-send-email-mikelley@xxxxxxxxxxxxx
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
kernel/irq/irqdesc.c | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)

--- a/kernel/irq/irqdesc.c
+++ b/kernel/irq/irqdesc.c
@@ -267,6 +267,18 @@ static void irq_sysfs_add(int irq, struc
}
}

+static void irq_sysfs_del(struct irq_desc *desc)
+{
+ /*
+ * If irq_sysfs_init() has not yet been invoked (early boot), then
+ * irq_kobj_base is NULL and the descriptor was never added.
+ * kobject_del() complains about a object with no parent, so make
+ * it conditional.
+ */
+ if (irq_kobj_base)
+ kobject_del(&desc->kobj);
+}
+
static int __init irq_sysfs_init(void)
{
struct irq_desc *desc;
@@ -297,6 +309,7 @@ static struct kobj_type irq_kobj_type =
};

static void irq_sysfs_add(int irq, struct irq_desc *desc) {}
+static void irq_sysfs_del(struct irq_desc *desc) {}

#endif /* CONFIG_SYSFS */

@@ -406,7 +419,7 @@ static void free_desc(unsigned int irq)
* The sysfs entry must be serialized against a concurrent
* irq_sysfs_init() as well.
*/
- kobject_del(&desc->kobj);
+ irq_sysfs_del(desc);
delete_irq_desc(irq);

/*

Next message: Greg Kroah-Hartman: "[PATCH 4.9 39/83] dm table: fix invalid memory accesses with too high sector number"
Previous message: Greg Kroah-Hartman: "[PATCH 4.9 38/83] dm space map metadata: fix missing store of apply_bops() return value"
In reply to: Greg Kroah-Hartman: "[PATCH 4.9 38/83] dm space map metadata: fix missing store of apply_bops() return value"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.9 39/83] dm table: fix invalid memory accesses with too high sector number"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]