powerpc/pseries/msi: Fix NULL pointer dereference at irq domain teardown

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

pseries_msi_ops_teardown() reads pci_dev* from msi_alloc_info_t. However,
pseries_msi_ops_prepare() does not populate this structure, thus it is all
zeros. Consequently, pseries_msi_ops_teardown() triggers a NULL pointer
dereference crash.

struct pci_dev is available in struct irq_domain. Read it there instead.

Reported-by: Venkat Rao Bagalkote <venkat88@linux.ibm.com>
Closes: https://lore.kernel.org/linuxppc-dev/878d7651-433a-46fe-a28b-1b7e893fcbe0@linux.ibm.com/
Tested-by: Venkat Rao Bagalkote <venkat88@linux.ibm.com>
Signed-off-by: Nam Cao <namcao@linutronix.de>
Signed-off-by: Madhavan Srinivasan <maddy@linux.ibm.com>
Link: https://patch.msgid.link/20251010120307.3281720-1-namcao@linutronix.de

authored by

Nam Cao and committed by

Madhavan Srinivasan 5 months ago ef3e73a9 3a866087

+1 -2

1 changed file

expand all

arch

powerpc

platforms

pseries

msi.c

+1 -2

arch/powerpc/platforms/pseries/msi.c

··· 443 443 */ 444 444 static void pseries_msi_ops_teardown(struct irq_domain *domain, msi_alloc_info_t *arg) 445 445 { 446 - struct msi_desc *desc = arg->desc; 447 - struct pci_dev *pdev = msi_desc_to_pci_dev(desc); 446 + struct pci_dev *pdev = to_pci_dev(domain->dev); 448 447 449 448 rtas_disable_msi(pdev); 450 449 }