drivers/spi/spi-mpc52xx.c | 3 +++ 1 file changed, 3 insertions(+)
Make sure to disable and free the interrupts in case controller
registration fails to avoid a potential use-after-free and resource
leak.
This issue was flagged by Sashiko when reviewing a controller
deregistration fix.
Fixes: 42bbb70980f3 ("powerpc/5200: Add mpc5200-spi (non-PSC) device driver")
Cc: stable@vger.kernel.org # 2.6.33
Cc: Grant Likely <grant.likely@secretlab.ca>
Link: https://sashiko.dev/#/patchset/20260414134319.978196-1-johan%40kernel.org?part=3
Signed-off-by: Johan Hovold <johan@kernel.org>
---
drivers/spi/spi-mpc52xx.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/spi/spi-mpc52xx.c b/drivers/spi/spi-mpc52xx.c
index c8c8e6bdf421..924d820448fb 100644
--- a/drivers/spi/spi-mpc52xx.c
+++ b/drivers/spi/spi-mpc52xx.c
@@ -498,6 +498,9 @@ static int mpc52xx_spi_probe(struct platform_device *op)
err_register:
dev_err(&ms->host->dev, "initialization failed\n");
+ free_irq(ms->irq0, ms);
+ free_irq(ms->irq1, ms);
+ cancel_work_sync(&ms->work);
err_gpio:
while (i-- > 0)
gpiod_put(ms->gpio_cs[i]);
--
2.52.0On Tue, 21 Apr 2026 14:58:00 +0200, Johan Hovold wrote:
> spi: mpc52xx: fix use-after-free on registration failure
Applied to
https://git.kernel.org/pub/scm/linux/kernel/git/broonie/spi.git for-7.1
Thanks!
[1/1] spi: mpc52xx: fix use-after-free on registration failure
https://git.kernel.org/broonie/spi/c/f62c060272b9
All being well this means that it will be integrated into the linux-next
tree (usually sometime in the next 24 hours) and sent to Linus during
the next merge window (or sooner if it is a bug fix), however if
problems are discovered then the patch may be dropped or reverted.
You may get further e-mails resulting from automated or manual testing
and review of the tree, please engage with people reporting problems and
send followup patches addressing any issues that are reported if needed.
If any updates are required or you are submitting further changes they
should be sent as incremental updates against current git, existing
patches will not be replaced.
Please add any relevant lists and maintainers to the CCs when replying
to this mail.
Thanks,
Mark
On Tue, Apr 21, 2026 at 02:58:00PM +0200, Johan Hovold wrote:
> Make sure to disable and free the interrupts in case controller
> registration fails to avoid a potential use-after-free and resource
> leak.
>
> This issue was flagged by Sashiko when reviewing a controller
> deregistration fix.
>
> Fixes: 42bbb70980f3 ("powerpc/5200: Add mpc5200-spi (non-PSC) device driver")
> Cc: stable@vger.kernel.org # 2.6.33
> Cc: Grant Likely <grant.likely@secretlab.ca>
> Link: https://sashiko.dev/#/patchset/20260414134319.978196-1-johan%40kernel.org?part=3
> Signed-off-by: Johan Hovold <johan@kernel.org>
> ---
This one will need another spin to address some further pre-existing
issues flagged by Sashiko.
Johan
On Wed, Apr 22, 2026 at 05:41:32PM +0200, Johan Hovold wrote: > On Tue, Apr 21, 2026 at 02:58:00PM +0200, Johan Hovold wrote: > > Make sure to disable and free the interrupts in case controller > > registration fails to avoid a potential use-after-free and resource > > leak. > This one will need another spin to address some further pre-existing > issues flagged by Sashiko. Please do an incremental change, it's already in CI with some merges on top of it.
On Wed, Apr 22, 2026 at 06:12:58PM +0100, Mark Brown wrote: > On Wed, Apr 22, 2026 at 05:41:32PM +0200, Johan Hovold wrote: > > On Tue, Apr 21, 2026 at 02:58:00PM +0200, Johan Hovold wrote: > > > Make sure to disable and free the interrupts in case controller > > > registration fails to avoid a potential use-after-free and resource > > > leak. > > > This one will need another spin to address some further pre-existing > > issues flagged by Sashiko. > > Please do an incremental change, it's already in CI with some merges on > top of it. False alarm. Sashiko flagged the freeing of interrupt zero as triggering a warning, but that should only be the case on x86. I've sent a clean up patch for this here: https://lore.kernel.org/r/20260423075801.2252318-1-johan@kernel.org Johan
© 2016 - 2026 Red Hat, Inc.