On Sat, 11 Nov 2017 17:51:25 +0100 Johan Hovold <johan@kernel.org> wrote:
Johan,
Fix child-node lookup during initialisation, which ended up searching the whole device tree depth-first starting at the parent rather than just matching on its children.
To make things worse, the parent giq node was prematurely freed, while
s/giq/gic/.
Care to point out where that node would be prematurely freed? I don't see your patch addressing that either...
the ppi-partitions node was leaked.
Fixes: e3825ba1af3a ("irqchip/gic-v3: Add support for partitioned PPIs")
Cc: stable <stable@vger.kernel.org> # 4.7
Do you have an example of this causing any trouble in the wild? As far as I remember, the whole of_node refcounting isn't really enforced, so while this is definitely a bug, it wouldn't cause any harm anywhere.
Or am I missing something obvious?
Thanks,
M.
Cc: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Johan Hovold <johan@kernel.org>
drivers/irqchip/irq-gic-v3.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/drivers/irqchip/irq-gic-v3.c b/drivers/irqchip/irq-gic-v3.c index 17221143f505..af1f8373d8bf 100644 --- a/drivers/irqchip/irq-gic-v3.c +++ b/drivers/irqchip/irq-gic-v3.c @@ -1103,18 +1103,18 @@ static void __init gic_populate_ppi_partitions(struct device_node *gic_node) int nr_parts; struct partition_affinity *parts;
- parts_node = of_find_node_by_name(gic_node, "ppi-partitions");
- parts_node = of_get_child_by_name(gic_node, "ppi-partitions"); if (!parts_node) return;
nr_parts = of_get_child_count(parts_node); if (!nr_parts)
return;
goto out_put_node;
parts = kzalloc(sizeof(*parts) * nr_parts, GFP_KERNEL); if (WARN_ON(!parts))
return;
goto out_put_node;
for_each_child_of_node(parts_node, child_part) { struct partition_affinity *part; @@ -1181,6 +1181,9 @@ static void __init gic_populate_ppi_partitions(struct device_node *gic_node) gic_data.ppi_descs[i] = desc; }
+out_put_node:
- of_node_put(parts_node);
} static void __init gic_of_setup_kvm_info(struct device_node *node)
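Review bot: the commit message should say how the parent node ends up freed early, because the first hunk fixes it only implicitly at the lookup call. of_find_node_by_name() drops a reference on the node passed as its starting point (gic_node here), while of_get_child_by_name() leaves the parent's refcount alone and searches only the direct children. One sentence to that effect in the changelog would tie the "prematurely freed" claim to the line that actually changes.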
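Review bot: the out_put_node label in the second hunk is also reached on the success path, right after gic_data.ppi_descs[i] is filled in, so the reference on parts_node is dropped unconditionally. If that is intended, a short comment above the label stating that nothing keeps parts_node past this function would make it clear. It is also worth confirming that any other exit in the part of the function not shown between the two hunks goes through the label rather than a bare return.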