PCI: Protect pci_error_handlers->reset_notify() usage with device_lock()
authorChristoph Hellwig <hch@lst.de>
Thu, 1 Jun 2017 11:10:37 +0000 (13:10 +0200)
committerBjorn Helgaas <bhelgaas@google.com>
Thu, 15 Jun 2017 02:49:13 +0000 (21:49 -0500)
commitb014e96d1abbd67404bbe2018937b46466299e9e
tree38b5d4431d8a8305423cc010443ceecb8ad8bde4
parent17530e71e0166a37f8e20a9b7bcf1d50ae3cff8e
PCI: Protect pci_error_handlers->reset_notify() usage with device_lock()

Every method in struct device_driver or structures derived from it like
struct pci_driver MUST provide exclusion vs the driver's ->remove() method,
usually by using device_lock().

Protect use of pci_error_handlers->reset_notify() by holding the device
lock while calling it.

Note:

  - pci_dev_lock() calls device_lock() in addition to blocking user-space
    config accesses.

  - pci_err_handlers->reset_notify() is used inside
    pci_dev_save_and_disable() and pci_dev_restore().  We could hold the
    device lock directly in pci_reset_notify(), but we expand the region
    since we have several calls following each other.

Without this, ->reset_notify() may race with ->remove() calls, which can be
easily triggered in NVMe.

[bhelgaas: changelog, add pci_reset_notify() comment]
[bhelgaas: fold in fix from Dan Carpenter <dan.carpenter@oracle.com>:
http://lkml.kernel.org/r/20170701135323.x5vaj4e2wcs2mcro@mwanda]
Link: http://lkml.kernel.org/r/20170601111039.8913-2-hch@lst.de
Reported-by: Rakesh Pandit <rakesh@tuxera.com>
Tested-by: Rakesh Pandit <rakesh@tuxera.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Bjorn Helgaas <bhelgaas@google.com>
drivers/pci/pci.c