]> www.infradead.org Git - users/hch/misc.git/commitdiff
projects / users / hch / misc.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3a86608)
powerpc/pseries/msi: Fix NULL pointer dereference at irq domain teardown
authorNam Cao <namcao@linutronix.de>
Fri, 10 Oct 2025 12:03:07 +0000 (12:03 +0000)
committerMadhavan Srinivasan <maddy@linux.ibm.com>
Mon, 13 Oct 2025 04:09:02 +0000 (09:39 +0530)
pseries_msi_ops_teardown() reads pci_dev* from msi_alloc_info_t. However,
pseries_msi_ops_prepare() does not populate this structure, thus it is all
zeros. Consequently, pseries_msi_ops_teardown() triggers a NULL pointer
dereference crash.

struct pci_dev is available in struct irq_domain. Read it there instead.

Reported-by: Venkat Rao Bagalkote <venkat88@linux.ibm.com>
Closes: https://lore.kernel.org/linuxppc-dev/878d7651-433a-46fe-a28b-1b7e893fcbe0@linux.ibm.com/
Tested-by: Venkat Rao Bagalkote <venkat88@linux.ibm.com>
Signed-off-by: Nam Cao <namcao@linutronix.de>
Signed-off-by: Madhavan Srinivasan <maddy@linux.ibm.com>
Link: https://patch.msgid.link/20251010120307.3281720-1-namcao@linutronix.de
arch/powerpc/platforms/pseries/msi.c patch | blob | history

diff --git a/arch/powerpc/platforms/pseries/msi.c b/arch/powerpc/platforms/pseries/msi.c
index 825f9432e03d7d8612100a92a9334954d31541f8..a82aaa786e9e02cb4a6cec1fe076186ad960ed46 100644 (file)
--- a/arch/powerpc/platforms/pseries/msi.c
+++ b/arch/powerpc/platforms/pseries/msi.c
@@ -443,8 +443,7 @@ static int pseries_msi_ops_prepare(struct irq_domain *domain, struct device *dev
  */
 static void pseries_msi_ops_teardown(struct irq_domain *domain, msi_alloc_info_t *arg)
 {
-       struct msi_desc *desc = arg->desc;
-       struct pci_dev *pdev = msi_desc_to_pci_dev(desc);
+       struct pci_dev *pdev = to_pci_dev(domain->dev);
 
        rtas_disable_msi(pdev);
 }
Unnamed repository; edit this file 'description' to name the repository.