1 From foo@baz Sat Jul 28 10:25:26 CEST 2018
2 From: Sam Bobroff <sbobroff@linux.ibm.com>
3 Date: Fri, 25 May 2018 13:11:30 +1000
4 Subject: powerpc/eeh: Fix use-after-release of EEH driver
6 From: Sam Bobroff <sbobroff@linux.ibm.com>
8 [ Upstream commit 46d4be41b987a6b2d25a2ebdd94cafb44e21d6c5 ]
10 Correct two cases where eeh_pcid_get() is used to reference the driver's
11 module but the reference is dropped before the driver pointer is used.
13 In eeh_rmv_device() also refactor a little so that only two calls to
14 eeh_pcid_put() are needed, rather than three and the reference isn't
15 taken at all if it wasn't needed.
17 Signed-off-by: Sam Bobroff <sbobroff@linux.ibm.com>
18 Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
19 Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
20 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
22 arch/powerpc/kernel/eeh_driver.c | 28 ++++++++++++++++------------
23 1 file changed, 16 insertions(+), 12 deletions(-)
25 --- a/arch/powerpc/kernel/eeh_driver.c
26 +++ b/arch/powerpc/kernel/eeh_driver.c
27 @@ -450,9 +450,11 @@ static void *eeh_add_virt_device(void *d
29 driver = eeh_pcid_get(dev);
32 - if (driver->err_handler)
33 + if (driver->err_handler) {
40 #ifdef CONFIG_PPC_POWERNV
41 @@ -489,17 +491,19 @@ static void *eeh_rmv_device(void *data,
42 if (eeh_dev_removed(edev))
45 - driver = eeh_pcid_get(dev);
49 - eeh_pe_passed(edev->pe))
52 - driver->err_handler &&
53 - driver->err_handler->error_detected &&
54 - driver->err_handler->slot_reset)
56 + if (eeh_pe_passed(edev->pe))
58 + driver = eeh_pcid_get(dev);
60 + if (driver->err_handler &&
61 + driver->err_handler->error_detected &&
62 + driver->err_handler->slot_reset) {
70 /* Remove it from PCI subsystem */
projects / thirdparty / kernel / stable-queue.git / blob