[PATCH 4.14 58/62] mtd: rawnand: atmel: fix OF child-node lookup

From: Greg Kroah-Hartman
Date: Mon Nov 26 2018 - 06:01:11 EST

4.14-stable review patch. If anyone has any objections, please let me know.


From: Johan Hovold <johan@xxxxxxxxxx>

commit 5d1e9c2212ea6b4dd735e4fc3dd6279a365d5d10 upstream.

Use the new of_get_compatible_child() helper to lookup the nfc child
node instead of using of_find_compatible_node(), which searches the
entire tree from a given start node and thus can return an unrelated
(i.e. non-child) node.

This also addresses a potential use-after-free (e.g. after probe
deferral) as the tree-wide helper drops a reference to its first
argument (i.e. the node of the device being probed).

While at it, also fix a related nfc-node reference leak.

Fixes: f88fc122cc34 ("mtd: nand: Cleanup/rework the atmel_nand driver")
Cc: stable <stable@xxxxxxxxxxxxxxx> # 4.11
Cc: Nicolas Ferre <nicolas.ferre@xxxxxxxxxxxxx>
Cc: Josh Wu <rainyfeeling@xxxxxxxxxxx>
Cc: Boris Brezillon <boris.brezillon@xxxxxxxxxxx>
Signed-off-by: Johan Hovold <johan@xxxxxxxxxx>
Signed-off-by: Boris Brezillon <boris.brezillon@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

drivers/mtd/nand/atmel/nand-controller.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)

--- a/drivers/mtd/nand/atmel/nand-controller.c
+++ b/drivers/mtd/nand/atmel/nand-controller.c
@@ -2077,8 +2077,7 @@ atmel_hsmc_nand_controller_legacy_init(s
int ret;

nand_np = dev->of_node;
- nfc_np = of_find_compatible_node(dev->of_node, NULL,
- "atmel,sama5d3-nfc");
+ nfc_np = of_get_compatible_child(dev->of_node, "atmel,sama5d3-nfc");
if (!nfc_np) {
dev_err(dev, "Could not find device node for sama5d3-nfc\n");
return -ENODEV;
@@ -2492,15 +2491,19 @@ static int atmel_nand_controller_probe(s

if (caps->legacy_of_bindings) {
+ struct device_node *nfc_node;
u32 ale_offs = 21;

* If we are parsing legacy DT props and the DT contains a
* valid NFC node, forward the request to the sama5 logic.
- if (of_find_compatible_node(pdev->dev.of_node, NULL,
- "atmel,sama5d3-nfc"))
+ nfc_node = of_get_compatible_child(pdev->dev.of_node,
+ "atmel,sama5d3-nfc");
+ if (nfc_node) {
caps = &atmel_sama5_nand_caps;
+ of_node_put(nfc_node);
+ }

* Even if the compatible says we are dealing with an