Jiri Slaby wrote: > set_lock_status omits mutex_unlock in fail path. Add the omitted > unlock. > > As a result a lockup caused by this can be triggered from userspace > by writing 1 to /sys/bus/pci/slots/.../lock often enough. > > Signed-off-by: Jiri Slaby <jirislaby@xxxxxxxxx> > Cc: Kristen Carlson Accardi <kristen.c.accardi@xxxxxxxxx> > Cc: Jesse Barnes <jbarnes@xxxxxxxxxxxxxxxx> > --- > drivers/pci/hotplug/pciehp_core.c | 4 +++- > 1 files changed, 3 insertions(+), 1 deletions(-) > > diff --git a/drivers/pci/hotplug/pciehp_core.c b/drivers/pci/hotplug/pciehp_core.c > index 5482d4e..c248554 100644 > --- a/drivers/pci/hotplug/pciehp_core.c > +++ b/drivers/pci/hotplug/pciehp_core.c > @@ -126,8 +126,10 @@ static int set_lock_status(struct hotplug_slot *hotplug_slot, u8 status) > mutex_lock(&slot->ctrl->crit_sect); > > /* has it been >1 sec since our last toggle? */ > - if ((get_seconds() - slot->last_emi_toggle) < 1) > + if ((get_seconds() - slot->last_emi_toggle) < 1) { > + mutex_unlock(&slot->ctrl->crit_sect); > return -EINVAL; > + } > > /* see what our current state is */ > retval = get_lock_status(hotplug_slot, &value); Good catch! Reviewed-by: Kenji Kaneshige <kaneshige.kenji@xxxxxxxxxxxxxx> Thanks, Kenji Kaneshige -- To unsubscribe from this list: send the line "unsubscribe linux-pci" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html