On Fri, Mar 1, 2019 at 10:54 AM Sven Van Asbroeck <[email protected]> wrote:
>
> In remove(), ensure that the pme work cannot run after kfree()
> is called. Otherwise, this could result in a use-after-free.
>
> This issue was detected with the help of Coccinelle.
>
> Cc: Sinan Kaya <[email protected]>
> Cc: Frederick Lawler <[email protected]>
> Cc: Mika Westerberg <[email protected]>
> Cc: Keith Busch <[email protected]>
> Cc: Rafael J. Wysocki <[email protected]>
> Signed-off-by: Sven Van Asbroeck <[email protected]>
Applied to pci/pm for v5.1, thanks! > --- > drivers/pci/pcie/pme.c | 1 + > 1 file changed, 1 insertion(+) > > v2: > rebased against Bjorn Helgaas's pcm/pm branch at > git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci.git > > diff --git a/drivers/pci/pcie/pme.c b/drivers/pci/pcie/pme.c > index efa5b552914b..54d593d10396 100644 > --- a/drivers/pci/pcie/pme.c > +++ b/drivers/pci/pcie/pme.c > @@ -437,6 +437,7 @@ static void pcie_pme_remove(struct pcie_device *srv) > > pcie_pme_disable_interrupt(srv->port, data); > free_irq(srv->irq, srv); > + cancel_work_sync(&data->work); > kfree(data); > } > > -- > 2.17.1 >
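Review bot: in pcie_pme_remove(), the new cancel_work_sync(&data->work) is only safe in its current position, after free_irq(srv->irq, srv), and nothing in the hunk records that. If the interrupt handler is what queues data->work, cancelling before free_irq() would leave a window in which the work is queued again before kfree(data). A one-line comment above the call stating that ordering requirement would keep a later reshuffle of the teardown from reintroducing the use-after-free. The changelog could also name the path that queues the work, since the hunk does not show it.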

