On Fri, Mar 1, 2019 at 10:54 AM Sven Van Asbroeck <thesve...@gmail.com> wrote: > > In remove(), ensure that the pme work cannot run after kfree() > is called. Otherwise, this could result in a use-after-free. > > This issue was detected with the help of Coccinelle. > > Cc: Sinan Kaya <ok...@kernel.org> > Cc: Frederick Lawler <f...@fredlawl.com> > Cc: Mika Westerberg <mika.westerb...@linux.intel.com> > Cc: Keith Busch <keith.bu...@intel.com> > Cc: Rafael J. Wysocki <rafael.j.wyso...@intel.com> > Signed-off-by: Sven Van Asbroeck <thesve...@gmail.com>
Applied to pci/pm for v5.1, thanks! > --- > drivers/pci/pcie/pme.c | 1 + > 1 file changed, 1 insertion(+) > > v2: > rebased against Bjorn Helgaas's pcm/pm branch at > git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci.git > > diff --git a/drivers/pci/pcie/pme.c b/drivers/pci/pcie/pme.c > index efa5b552914b..54d593d10396 100644 > --- a/drivers/pci/pcie/pme.c > +++ b/drivers/pci/pcie/pme.c > @@ -437,6 +437,7 @@ static void pcie_pme_remove(struct pcie_device *srv) > > pcie_pme_disable_interrupt(srv->port, data); > free_irq(srv->irq, srv); > + cancel_work_sync(&data->work); > kfree(data); > } > > -- > 2.17.1 >
