Re: [PATCH] powerpc: 8xx: fix a return value error in mpc8xx_pic_init

Wed, 09 Mar 2022 02:47:11 -0800 

Christophe Leroy <christophe.le...@csgroup.eu> writes:
> Le 09/03/2022 à 04:24, Michael Ellerman a écrit :
>> Hangyu Hua <hbh...@gmail.com> writes:
>>> mpc8xx_pic_init() should return -ENOMEM instead of 0 when
>>> irq_domain_add_linear() return NULL. This cause mpc8xx_pics_init to continue
>>> executing even if mpc8xx_pic_host is NULL.
>>>
>>> Fixes: cc76404feaed ("powerpc/8xx: Fix possible device node reference leak")
>>> Signed-off-by: Hangyu Hua <hbh...@gmail.com>
>>> ---
>>>   arch/powerpc/platforms/8xx/pic.c | 1 +
>>>   1 file changed, 1 insertion(+)
>>>
>>> diff --git a/arch/powerpc/platforms/8xx/pic.c 
>>> b/arch/powerpc/platforms/8xx/pic.c
>>> index f2ba837249d6..04a6abf14c29 100644
>>> --- a/arch/powerpc/platforms/8xx/pic.c
>>> +++ b/arch/powerpc/platforms/8xx/pic.c
>>> @@ -153,6 +153,7 @@ int __init mpc8xx_pic_init(void)
>> 
>> Expanding the context:
>> 
>>      siu_reg = ioremap(res.start, resource_size(&res));
>>      if (siu_reg == NULL) {
>>              ret = -EINVAL;
>>              goto out;
>>      }
>> 
>>      mpc8xx_pic_host = irq_domain_add_linear(np, 64, &mpc8xx_pic_host_ops, 
>> NULL);
>>>     if (mpc8xx_pic_host == NULL) {
>>>             printk(KERN_ERR "MPC8xx PIC: failed to allocate irq host!\n");
>>>             ret = -ENOMEM;
>>> +           goto out;
>>>     }
>>>   
>>>     ret = 0;
>>>     
>> out:
>>      of_node_put(np);
>>      return ret;
>> }
>> 
>> Proper error cleanup should also undo the ioremap() if
>> irq_domain_add_linear() fails.
>
> Uh ...
>
> If siu_reg is NULL, you get a serious problem when __do_irq() calls 
> mpc8xx_get_irq()

Arguably it shouldn't be assigned to ppc_md.get_irq unless
mpc8xx_pic_init() succeeds. See eg. xics_init().

> unsigned int mpc8xx_get_irq(void)
> {
>       int irq;
>
>       /* For MPC8xx, read the SIVEC register and shift the bits down
>        * to get the irq number.
>        */
>       irq = in_be32(&siu_reg->sc_sivec) >> 26;
>
>       if (irq == PIC_VEC_SPURRIOUS)
>               return 0;
>
>          return irq_linear_revmap(mpc8xx_pic_host, irq);
>
> }
>
>
> So I'll leave siu_reg as is even if irq_domain_add_linear() fails.
>
> Whatever, if we do something about that it should be done in another 
> patch I think.

Yeah OK, that's becoming a bit of a larger cleanup. I'll take this patch
as-is.

cheers

Reply via email to