| Message ID | e50359f9211fcdc342401806ab65aa092c63e7b9.1525242772.git.sbobroff@linux.ibm.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | EEH refactoring 2 | expand |
Sam Bobroff <sbobroff@linux.ibm.com> writes: > Correct two cases where eeh_pcid_get() is used to reference the driver's > module but the reference is dropped before the driver pointer is used. > > In eeh_rmv_device() also refactor a little so that only two calls to > eeh_pcid_put() are needed, rather than three and the reference isn't > taken at all if it wasn't needed. This sounds like a crash or memory corruption bug? But it doesn't have Fixes or Cc: stable. Is it not a major problem for some reason? cheers
On Fri, May 04, 2018 at 12:56:55PM +1000, Michael Ellerman wrote: > Sam Bobroff <sbobroff@linux.ibm.com> writes: > > > Correct two cases where eeh_pcid_get() is used to reference the driver's > > module but the reference is dropped before the driver pointer is used. > > > > In eeh_rmv_device() also refactor a little so that only two calls to > > eeh_pcid_put() are needed, rather than three and the reference isn't > > taken at all if it wasn't needed. > > This sounds like a crash or memory corruption bug? > > But it doesn't have Fixes or Cc: stable. Is it not a major problem for > some reason? Only that I've exercised that code path a fair bit during testing and never managed to cause a problem with it. I found it by inspection. Do you think I should mark it fixes or stable in the next version? > cheers >
diff --git a/arch/powerpc/kernel/eeh_driver.c b/arch/powerpc/kernel/eeh_driver.c index 07e0a42035ce..54333f6c9d67 100644 --- a/arch/powerpc/kernel/eeh_driver.c +++ b/arch/powerpc/kernel/eeh_driver.c @@ -458,9 +458,11 @@ static void *eeh_add_virt_device(void *data, void *userdata) driver = eeh_pcid_get(dev); if (driver) { - eeh_pcid_put(dev); - if (driver->err_handler) + if (driver->err_handler) { + eeh_pcid_put(dev); return NULL; + } + eeh_pcid_put(dev); } #ifdef CONFIG_PCI_IOV @@ -497,17 +499,19 @@ static void *eeh_rmv_device(void *data, void *userdata) if (eeh_dev_removed(edev)) return NULL; - driver = eeh_pcid_get(dev); - if (driver) { - eeh_pcid_put(dev); - if (removed && - eeh_pe_passed(edev->pe)) - return NULL; - if (removed && - driver->err_handler && - driver->err_handler->error_detected && - driver->err_handler->slot_reset) + if (removed) { + if (eeh_pe_passed(edev->pe)) return NULL; + driver = eeh_pcid_get(dev); + if (driver) { + if (driver->err_handler && + driver->err_handler->error_detected && + driver->err_handler->slot_reset) { + eeh_pcid_put(dev); + return NULL; + } + eeh_pcid_put(dev); + } } /* Remove it from PCI subsystem */
Correct two cases where eeh_pcid_get() is used to reference the driver's module but the reference is dropped before the driver pointer is used. In eeh_rmv_device() also refactor a little so that only two calls to eeh_pcid_put() are needed, rather than three and the reference isn't taken at all if it wasn't needed. Signed-off-by: Sam Bobroff <sbobroff@linux.ibm.com> --- arch/powerpc/kernel/eeh_driver.c | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-)