review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Oliver O'Halloran <oohall@gmail.com>
	Tue, 3 Sep 2019 10:15:53 +0000 (20:15 +1000)
committer	Michael Ellerman <mpe@ellerman.id.au>
	Thu, 5 Sep 2019 04:22:37 +0000 (14:22 +1000)
commit	5ef753ae435a5cea8af5c84a65fc5dd30b773040
tree	5050cf586279076ec95afeecc97cceed54b3f32e	tree \| snapshot
parent	799abe283e5103d48e079149579b4f167c95ea0e	commit \| diff

powerpc/eeh: Fix race when freeing PDNs

When hot-adding devices we rely on the hotplug driver to create pci_dn's
for the devices under the hotplug slot. Converse, when hot-removing the
driver will remove the pci_dn's that it created. This is a problem because
the pci_dev is still live until it's refcount drops to zero. This can
happen if the driver is slow to tear down it's internal state. Ideally, the
driver would not attempt to perform any config accesses to the device once
it's been marked as removed, but sometimes it happens. As a result, we
might attempt to access the pci_dn for a device that has been torn down and
the kernel may crash as a result.

To fix this, don't free the pci_dn unless the corresponding pci_dev has
been released. If the pci_dev is still live, then we mark the pci_dn with
a flag that indicates the pci_dev's release function should free it.

Signed-off-by: Oliver O'Halloran <oohall@gmail.com>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://lore.kernel.org/r/20190903101605.2890-3-oohall@gmail.com

arch/powerpc/include/asm/pci-bridge.h		diff \| blob \| history
arch/powerpc/kernel/pci-hotplug.c		diff \| blob \| history
arch/powerpc/kernel/pci_dn.c		diff \| blob \| history