On Fri, Mar 1, 2019 at 10:54 AM Sven Van Asbroeck <thesven73@xxxxxxxxx> wrote: > > In remove(), ensure that the pme work cannot run after kfree() > is called. Otherwise, this could result in a use-after-free. > > This issue was detected with the help of Coccinelle. > > Cc: Sinan Kaya <okaya@xxxxxxxxxx> > Cc: Frederick Lawler <fred@xxxxxxxxxxxx> > Cc: Mika Westerberg <mika.westerberg@xxxxxxxxxxxxxxx> > Cc: Keith Busch <keith.busch@xxxxxxxxx> > Cc: Rafael J. Wysocki <rafael.j.wysocki@xxxxxxxxx> > Signed-off-by: Sven Van Asbroeck <TheSven73@xxxxxxxxx> Applied to pci/pm for v5.1, thanks! > --- > drivers/pci/pcie/pme.c | 1 + > 1 file changed, 1 insertion(+) > > v2: > rebased against Bjorn Helgaas's pcm/pm branch at > git://git.kernel.org/pub/scm/linux/kernel/git/helgaas/pci.git > > diff --git a/drivers/pci/pcie/pme.c b/drivers/pci/pcie/pme.c > index efa5b552914b..54d593d10396 100644 > --- a/drivers/pci/pcie/pme.c > +++ b/drivers/pci/pcie/pme.c > @@ -437,6 +437,7 @@ static void pcie_pme_remove(struct pcie_device *srv) > > pcie_pme_disable_interrupt(srv->port, data); > free_irq(srv->irq, srv); > + cancel_work_sync(&data->work); > kfree(data); > } > > -- > 2.17.1 >
