On Fri, Oct 02, 2020 at 05:22:41PM +0300, Dmitry Osipenko wrote:
> 02.10.2020 09:08, Nicolin Chen пишет:
> > static int tegra_smmu_of_xlate(struct device *dev,
> > struct of_phandle_args *args)
> > {
> > + struct platform_device *iommu_pdev = of_find_device_by_node(args->np);
> > + struct tegra_mc *mc = platform_get_drvdata(iommu_pdev);
> > u32 id = args->args[0];
> >
> > + of_node_put(args->np);
> > +
> > + if (!mc || !mc->smmu)
> > + return -EPROBE_DEFER;
>
> platform_get_drvdata(NULL) will crash.
>
> > + dev_iommu_priv_set(dev, mc->smmu);
>
> I think put_device(mc->dev) is missed here, doesn't it?Yeah, I think we'd need that here, otherwise we'd be leaking a reference. Worse, even, mc->dev is the same device that owns the SMMU, so we're basically incrementing our own reference here and never releasing it. We also need that put_device(mc->dev) in the error case above because we already hold the reference there. Thierry
signature.asc
Description: PGP signature
