Linux Kernel Qcom Iris Module Removal Vulnerability After Firmware Load Failure
Vulnerability
A vulnerability exists in the Linux kernel's handling of the Qcom Iris video codec module. When the firmware download fails, the module removal process can lead to a runtime power management usage count underflow. This issue is triggered by unbinding the module after a failed initialization, causing several clocks to be disabled improperly, as indicated by warnings from the clock management subsystem. The problem arises in the Qcom Iris driver for the AA00000 video codec, specifically related to the handling of firmware loading and module state management.
Impact
The vulnerability causes a runtime power management usage count underflow, which can disrupt the normal power management operations of the affected device, potentially leading to increased power consumption or other unintended side effects.
Reproduction
The vulnerability can be reproduced by loading the Qcom Iris video codec module (aa00000.video-codec) without the necessary firmware, so that the firmware load fails and the module is not properly initialized, and then unbinding it from the platform driver. Unbinding triggers the removal process, and the power management usage count underflows as the module is removed.
Remediation
Users can ensure that the necessary firmware is available and loaded before binding the Qcom Iris video codec module. If the firmware load fails, the module should not be unbound until the issue is resolved.
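One way to check a kernel log for this condition before unbinding the device, as an added example that is not part of the original advisory or of the kernel source. The function name and the sample log are constructed for illustration, and the matched message wording (firmware load failure, clock "already disabled" / "already unprepared" warnings, "Runtime PM usage count underflow") is assumed from the kernel's usual log text, since the advisory does not quote it.

```shell
#!/bin/sh
# Classify kernel log text read on stdin for the Iris firmware-failure issue.
# $1: device name (defaults to the one named in the advisory).
# Prints "<state> clk_warnings=<n>" where <state> is:
#   clean      no firmware failure logged for the device
#   fw-failed  firmware load failed; unbinding now would hit the bad removal path
#   underflow  the runtime PM underflow warning has already been logged
iris_log_state() {
    dev="${1:-aa00000.video-codec}"
    awk -v dev="$dev" '
        # Firmware failures and the PM warning are attributed by device name.
        index($0, dev) && /[Ff]irmware/ && /fail/           { fw = 1 }
        index($0, dev) && /Runtime PM usage count underflow/ { under = 1 }
        # Clock warnings carry a clock name, not the device name, so they are
        # only counted once a firmware failure for the device has been seen.
        fw && /already (disabled|unprepared)/                { clk++ }
        END {
            state = under ? "underflow" : (fw ? "fw-failed" : "clean")
            print state " clk_warnings=" (clk + 0)
        }'
}

# Constructed sample log (placeholder firmware and clock names), not real output.
SAMPLE_LOG='qcom-iris aa00000.video-codec: Direct firmware load for PLACEHOLDER.mbn failed with error -2
qcom-iris aa00000.video-codec: firmware download failed
example_video_clk already disabled
example_video_clk already unprepared
qcom-iris aa00000.video-codec: Runtime PM usage count underflow!'

printf '%s\n' "$SAMPLE_LOG" | iris_log_state
```

On a live system the same function can be fed from `dmesg` or `journalctl -k`; a `fw-failed` result means the firmware problem should be resolved before the device is unbound.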
