Linux Kernel QAT Driver IRQ Cleanup Vulnerability on Probe Failure

A vulnerability exists in the Linux kernel's Intel QAT driver for the 6xxx series, related to improper IRQ cleanup during the device probe process. When the function 'adf_dev_up()' fails after partially completing, the IRQ handlers that were registered are not detached before the MSI-X vectors are released. This issue arises because the device, once enabled, registers a release action that, upon failure, frees the IRQ vectors while the handlers remain attached. The consequence is a warning about removing a non-empty directory, indicating a leak of the attached IRQ handler. The vulnerability has been addressed by explicitly calling 'adf_dev_down()' to free the IRQ handlers before the MSI-X vectors are released, ensuring proper cleanup and preventing the warning.

Impact

Failure to properly detach IRQ handlers before releasing MSI-X vectors, leading to warnings about non-empty IRQ directories and potential resource leaks.

Reproduction

The vulnerability can be reproduced by probing a QAT 6xxx device that causes 'adf_dev_up()' to fail after it has started. This failure leaves the IRQ handlers attached while the MSI-X vectors are freed, creating a mismatch that triggers the cleanup warnings.

Remediation

Users can apply the latest patches available in the Linux kernel stable tree to address this vulnerability.