From 17530e71e0166a37f8e20a9b7bcf1d50ae3cff8e Mon Sep 17 00:00:00 2001 From: Jakub Kicinski Date: Mon, 22 May 2017 15:50:23 -0700 Subject: PCI: Protect pci_driver->sriov_configure() usage with device_lock() Every method in struct device_driver or structures derived from it like struct pci_driver MUST provide exclusion vs the driver's ->remove() method, usually by using device_lock(). Protect use of pci_driver->sriov_configure() by holding the device lock while calling it. The PCI core sets the pci_dev->driver pointer in local_pci_probe() before calling ->probe() and only clears it after ->remove(). This means driver's ->sriov_configure() callback will happily race with probe() and remove(), most likely leading to BUGs, since drivers don't expect this. Remove the iov lock completely, since we remove the last user. [bhelgaas: changelog, thanks to Christoph for locking rule] Link: http://lkml.kernel.org/r/20170522225023.14010-1-jakub.kicinski@netronome.com Signed-off-by: Jakub Kicinski Signed-off-by: Bjorn Helgaas Reviewed-by: Christoph Hellwig --- drivers/pci/iov.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'drivers/pci/iov.c') diff --git a/drivers/pci/iov.c b/drivers/pci/iov.c index d9dc7363ac77..120485d6f352 100644 --- a/drivers/pci/iov.c +++ b/drivers/pci/iov.c @@ -461,8 +461,6 @@ found: else iov->dev = dev; - mutex_init(&iov->lock); - dev->sriov = iov; dev->is_physfn = 1; rc = compute_max_vf_buses(dev); @@ -491,8 +489,6 @@ static void sriov_release(struct pci_dev *dev) if (dev != dev->sriov->dev) pci_dev_put(dev->sriov->dev); - mutex_destroy(&dev->sriov->lock); - kfree(dev->sriov); dev->sriov = NULL; } -- cgit v1.2.3