[PATCH] powerpc: kernel: pci-common: Fix refcount bug for 'phb->dn'

[Liang He]

In pcibios_alloc_controller(), 'phb' is allocated and escaped into
global 'hose_list'. So we should call of_node_get() when a new reference
created into 'phb->dn'. And when phb is freed, we should call
of_node_put() on it.

NOTE: This function is called in the iteration of for_each_xx in
chrp_find_bridges() function. If there is no of_node_get(), the object
maybe prematurely freed.

Signed-off-by: Liang He <windhl at 126.com>
---

 I do not know if we should insert the of_node_put() in or out of the
spin_lock/spin_unlock. Please check it carefully.

 arch/powerpc/kernel/pci-common.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/arch/powerpc/kernel/pci-common.c b/arch/powerpc/kernel/pci-common.c
index 068410cd54a3..f58dcf3a92bb 100644
--- a/arch/powerpc/kernel/pci-common.c
+++ b/arch/powerpc/kernel/pci-common.c
@@ -117,7 +117,7 @@ struct pci_controller *pcibios_alloc_controller(struct device_node *dev)
 	phb->global_number = get_phb_number(dev);
 	list_add_tail(&phb->list_node, &hose_list);
 	spin_unlock(&hose_spinlock);
-	phb->dn = dev;
+	phb->dn = of_node_get(dev);
 	phb->is_dynamic = slab_is_available();
 #ifdef CONFIG_PPC64
 	if (dev) {
@@ -140,7 +140,7 @@ void pcibios_free_controller(struct pci_controller *phb)
 	/* Clear bit of phb_bitmap to allow reuse of this PHB number. */
 	if (phb->global_number < MAX_PHBS)
 		clear_bit(phb->global_number, phb_bitmap);
-
+	of_node_put(phb->dn);
 	list_del(&phb->list_node);
 	spin_unlock(&hose_spinlock);
 
-- 
2.25.1