cxl: Fix NULL pointer dereference on kernel contexts with no AFU interrupts

If a kernel context is initialised and does not have any AFU interrupts
allocated it will cause a NULL pointer dereference when the context is
detached since the irq_names list will not have been initialised.

Move the initialisation of the irq_names list into the cxl_context_init
routine so that it will be valid for the entire lifetime of the context
and will not cause a NULL pointer dereference.

Signed-off-by: Ian Munsie <imunsie@au1.ibm.com>
Reviewed-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>

diff --git a/drivers/misc/cxl/context.c b/drivers/misc/cxl/context.c
index 26d206b1d08c8f62fec387db108fa19ce4926c71..edbb99e9311433ed54c5f5249af5c1fa0cb5de82 100644 (file)
--- a/drivers/misc/cxl/context.c
+++ b/drivers/misc/cxl/context.c
@@ -67,6 +67,8 @@ int cxl_context_init(struct cxl_context *ctx, struct cxl_afu *afu, bool master,
        ctx->pending_fault = false;
        ctx->pending_afu_err = false;
 
+       INIT_LIST_HEAD(&ctx->irq_names);
+
        /*
         * When we have to destroy all contexts in cxl_context_detach_all() we
         * end up with afu_release_irqs() called from inside a

diff --git a/drivers/misc/cxl/irq.c b/drivers/misc/cxl/irq.c
index 8def4553acbaabe0307af131f321fb0d42397e91..f3a7d4aa1cd53a5c029ff0d8c01dc485ea1d2296 100644 (file)
--- a/drivers/misc/cxl/irq.c
+++ b/drivers/misc/cxl/irq.c
@@ -260,9 +260,6 @@ int afu_allocate_irqs(struct cxl_context *ctx, u32 count)
        else
                alloc_count = count + 1;
 
-       /* Initialize the list head to hold irq names */
-       INIT_LIST_HEAD(&ctx->irq_names);
-
        if ((rc = cxl_ops->alloc_irq_ranges(&ctx->irqs, ctx->afu->adapter,
                                                        alloc_count)))
                return rc;