| Message ID | 20241024-phy_core_fix-v2-5-fc0c63dbfcf3@quicinc.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | phy: core: Fix bugs for several APIs and simplify an API | expand |
On Thu, Oct 24, 2024 at 10:39:30PM +0800, Zijun Hu wrote: > From: Zijun Hu <quic_zijuhu@quicinc.com> > > For macro for_each_child_of_node(parent, child), refcount of @child has > been increased before entering its loop body, so normally needs to call > of_node_put(@child) before returning from the loop body to avoid refcount > leakage. > > of_phy_provider_lookup() has such usage but does not call of_node_put() > before returning, so cause leakage of the OF node refcount. > > Fixed by simply calling of_node_put() before returning from the loop body. > > The APIs affected by this issue are shown below since they indirectly > invoke problematic of_phy_provider_lookup(). > phy_get() > of_phy_get() > devm_phy_get() > devm_of_phy_get() > devm_of_phy_get_by_index() > > Fixes: 2a4c37016ca9 ("phy: core: Fix of_phy_provider_lookup to return PHY provider for sub node") > Cc: stable@vger.kernel.org > Signed-off-by: Zijun Hu <quic_zijuhu@quicinc.com> Looks good. Reviewed-by: Johan Hovold <johan+linaro@kernel.org>
diff --git a/drivers/phy/phy-core.c b/drivers/phy/phy-core.c index 967878b78797..de0264dfc387 100644 --- a/drivers/phy/phy-core.c +++ b/drivers/phy/phy-core.c @@ -145,8 +145,10 @@ static struct phy_provider *of_phy_provider_lookup(struct device_node *node) return phy_provider; for_each_child_of_node(phy_provider->children, child) - if (child == node) + if (child == node) { + of_node_put(child); return phy_provider; + } } return ERR_PTR(-EPROBE_DEFER);