On Sun, Sep 27, 2020 at 11:27:46AM -0400, Sinan Kaya wrote:
> On 9/26/2020 11:28 PM, Ethan Zhao wrote:
> > --- a/drivers/pci/hotplug/pciehp_hpc.c
> > +++ b/drivers/pci/hotplug/pciehp_hpc.c
> > @@ -710,8 +710,10 @@ static irqreturn_t pciehp_ist(int irq, void *dev_id)
> > down_read(&ctrl->reset_lock);
> > if (events & DISABLE_SLOT)
> > pciehp_handle_disable_request(ctrl);
> > - else if (events & (PCI_EXP_SLTSTA_PDC | PCI_EXP_SLTSTA_DLLSC))
> > + else if (events & (PCI_EXP_SLTSTA_PDC | PCI_EXP_SLTSTA_DLLSC)) {
> > + pci_wait_port_outdpc(pdev);
> > pciehp_handle_presence_or_link_change(ctrl, events);
> > + }
> > up_read(&ctrl->reset_lock);
>
> This looks like a hack TBH.
>
> Lukas, Keith;
>
> What is your take on this?
> Why is device lock not protecting this situation?
>
> Is there a lock missing in hotplug driver?
According to Ethan's commit message, there are two issues here:
One, that pciehp may remove a device even though DPC recovered the error,
and two, that a null pointer deref occurs.
The latter is most certainly not a locking issue but failure of DPC
to hold a reference on the pci_dev.
Thanks,
Lukas
