PCI ASPM: fix possible null pointer dereference
authorKenji Kaneshige <kaneshige.kenji@jp.fujitsu.com>
Wed, 19 Aug 2009 01:58:46 +0000 (10:58 +0900)
committerJesse Barnes <jbarnes@virtuousgeek.org>
Wed, 9 Sep 2009 20:29:45 +0000 (13:29 -0700)
Fix possible NULL dereference in pcie_aspm_exit_link_state(). This
patch also cleanup some code.

Acked-by: Shaohua Li <shaohua.li@intel.com>
Signed-off-by: Kenji Kaneshige <kaneshige.kenji@jp.fujitsu.com>
Signed-off-by: Jesse Barnes <jbarnes@virtuousgeek.org>
drivers/pci/pcie/aspm.c

index 638881b00f6befba93944906b2b3c2670e42c140..0800c51468265ca42c8a93344d7b94692bc18ac8 100644 (file)
@@ -665,16 +665,16 @@ out:
 void pcie_aspm_exit_link_state(struct pci_dev *pdev)
 {
        struct pci_dev *parent = pdev->bus->self;
-       struct pcie_link_state *link_state = parent->link_state;
+       struct pcie_link_state *link;
 
-       if (aspm_disabled || !pdev->is_pcie || !parent || !link_state)
+       if (aspm_disabled || !pdev->is_pcie || !parent || !parent->link_state)
                return;
        if (parent->pcie_type != PCI_EXP_TYPE_ROOT_PORT &&
-               parent->pcie_type != PCI_EXP_TYPE_DOWNSTREAM)
+           parent->pcie_type != PCI_EXP_TYPE_DOWNSTREAM)
                return;
+
        down_read(&pci_bus_sem);
        mutex_lock(&aspm_lock);
-
        /*
         * All PCIe functions are in one slot, remove one function will remove
         * the whole slot, so just wait until we are the last function left.
@@ -682,13 +682,14 @@ void pcie_aspm_exit_link_state(struct pci_dev *pdev)
        if (!list_is_last(&pdev->bus_list, &parent->subordinate->devices))
                goto out;
 
+       link = parent->link_state;
+
        /* All functions are removed, so just disable ASPM for the link */
        __pcie_aspm_config_one_dev(parent, 0);
-       list_del(&link_state->sibling);
-       list_del(&link_state->link);
+       list_del(&link->sibling);
+       list_del(&link->link);
        /* Clock PM is for endpoint device */
-
-       free_link_state(link_state);
+       free_link_state(link);
 out:
        mutex_unlock(&aspm_lock);
        up_read(&pci_bus_sem);