From: Zijun Hu <quic_zijuhu@xxxxxxxxxxx> commit 688d2eb4c6fcfdcdaed0592f9df9196573ff5ce2 upstream. In addition to a primary endpoint controller, an endpoint function may be associated with a secondary endpoint controller, epf->sec_epc, to provide NTB (non-transparent bridge) functionality. Previously, pci_epc_remove_epf() incorrectly cleared epf->epc instead of epf->sec_epc when removing from the secondary endpoint controller. Extend the epc->list_lock coverage and clear either epf->epc or epf->sec_epc as indicated. Link: https://lore.kernel.org/r/20241107-epc_rfc-v2-2-da5b6a99a66f@xxxxxxxxxxx Fixes: 63840ff53223 ("PCI: endpoint: Add support to associate secondary EPC with EPF") Signed-off-by: Zijun Hu <quic_zijuhu@xxxxxxxxxxx> Reviewed-by: Manivannan Sadhasivam <manivannan.sadhasivam@xxxxxxxxxx> [mani: reworded subject and description] Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@xxxxxxxxxx> [bhelgaas: commit log] Signed-off-by: Bjorn Helgaas <bhelgaas@xxxxxxxxxx> Signed-off-by: Krzysztof Wilczyński <kwilczynski@xxxxxxxxxx> Cc: stable@xxxxxxxxxxxxxxx Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/pci/endpoint/pci-epc-core.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) --- a/drivers/pci/endpoint/pci-epc-core.c +++ b/drivers/pci/endpoint/pci-epc-core.c @@ -663,18 +663,18 @@ void pci_epc_remove_epf(struct pci_epc * if (!epc || IS_ERR(epc) || !epf) return; + mutex_lock(&epc->list_lock); if (type == PRIMARY_INTERFACE) { func_no = epf->func_no; list = &epf->list; + epf->epc = NULL; } else { func_no = epf->sec_epc_func_no; list = &epf->sec_epc_list; + epf->sec_epc = NULL; } - - mutex_lock(&epc->list_lock); clear_bit(func_no, &epc->function_num_map); list_del(list); - epf->epc = NULL; mutex_unlock(&epc->list_lock); } EXPORT_SYMBOL_GPL(pci_epc_remove_epf); Patches currently in stable-queue which might be from quic_zijuhu@xxxxxxxxxxx are queue-6.6/pci-endpoint-clear-secondary-not-primary-epc-in-pci_epc_remove_epf.patch