[PATCH 7/8] of/irq: Fix device node refcount leakages in of_irq_init()
From: Zijun Hu
Date: Mon Dec 09 2024 - 08:28:59 EST
From: Zijun Hu <quic_zijuhu@xxxxxxxxxxx>
of_irq_init() will leak interrupt controller device node refcounts
in two places as explained below:
1) Leak refcounts of both @desc->dev and @desc->interrupt_parent when
suffers @desc->irq_init_cb() failure.
2) Leak refcount of @desc->interrupt_parent when cleans up list
@intc_desc_list in the end.
Refcounts of both @desc->dev and @desc->interrupt_parent were got in
the first loop, but of_irq_init() does not put them before kfree(@desc)
in places mentioned above, so causes refcount leakages.
Fix by putting refcounts involved before kfree(@desc).
Fixes: 8363ccb917c6 ("of/irq: add missing of_node_put")
Fixes: c71a54b08201 ("of/irq: introduce of_irq_init")
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Zijun Hu <quic_zijuhu@xxxxxxxxxxx>
---
drivers/of/irq.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/of/irq.c b/drivers/of/irq.c
index d917924d80f563e1392cedc616843365bc638f16..29a58d62d97d1ca4d09a4e4d21531b5b9b958494 100644
--- a/drivers/of/irq.c
+++ b/drivers/of/irq.c
@@ -634,6 +634,8 @@ void __init of_irq_init(const struct of_device_id *matches)
__func__, desc->dev, desc->dev,
desc->interrupt_parent);
of_node_clear_flag(desc->dev, OF_POPULATED);
+ of_node_put(desc->interrupt_parent);
+ of_node_put(desc->dev);
kfree(desc);
continue;
}
@@ -664,6 +666,7 @@ void __init of_irq_init(const struct of_device_id *matches)
err:
list_for_each_entry_safe(desc, temp_desc, &intc_desc_list, list) {
list_del(&desc->list);
+ of_node_put(desc->interrupt_parent);
of_node_put(desc->dev);
kfree(desc);
}
--
2.34.1