From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 269B91DED53 for ; Fri, 20 Jun 2025 05:42:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750398127; cv=none; b=HVqlywmdPbnkFPXvWN4nRq7d1fIw23r2Lup+dD6u22f2KL1XLHNrMI6kjo6neuNYJEcTMn6C4/qR+odgWypTY9MVqVBaPnDvLLwZrKqsOBGzqk08LtU6Lj273rUpV8hMd+41CG8nYmS2i+AK6kmHlCnkgWYAhDYhZELNrwH35BM= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1750398127; c=relaxed/simple; bh=TueNADCSFuYqCcz4+seS5hx/1i624FOaIBFkf81V3XM=; h=Subject:To:Cc:From:Date:Message-ID:MIME-Version:Content-Type; b=j+HXOL2dV6iu1Obm7MUkYeiMZ20GJKEClSvnCPwNlKV/aUZ96PgAmiJliOf7Ub3e1l1BWfDcXLl+L1NPySdfcUmmGlNjMECOyoA4UqZIC95KzhuIuZsgA1VBpWX+L+7hPHLd2OT6OdTCzpLsM+XeqfcILXnFXCgsqv8OCrMszqQ= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b=TN9VrVfi; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linuxfoundation.org header.i=@linuxfoundation.org header.b="TN9VrVfi" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 86A58C4CEE3; Fri, 20 Jun 2025 05:42:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1750398127; bh=TueNADCSFuYqCcz4+seS5hx/1i624FOaIBFkf81V3XM=; h=Subject:To:Cc:From:Date:From; b=TN9VrVfiMnofUxYmS11NiX6FDqkR53Pmt1vuN5edfFzR0l/NARGBep57eap9mTU+M A57wuGnXthF+jBRUB+S6wp5ARPrlaUhDEzHQzf3FTlglFzVLEVLZ4h9RsNIH2fHsoL 6VO7c77luMouCTbNXXMYulVskKo1fn1UBAEzFEkE= Subject: FAILED: patch "[PATCH] s390/pci: Prevent self deletion in disable_slot()" failed to apply to 6.1-stable tree To: schnelle@linux.ibm.com,gbayer@linux.ibm.com,hca@linux.ibm.com Cc: From: Date: Fri, 20 Jun 2025 07:41:53 +0200 Message-ID: <2025062053-bubble-plausible-db18@gregkh> Precedence: bulk X-Mailing-List: stable@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit The patch below does not apply to the 6.1-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to . To reproduce the conflict and resubmit, you may use the following commands: git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-6.1.y git checkout FETCH_HEAD git cherry-pick -x 47c397844869ad0e6738afb5879c7492f4691122 # git commit -s git send-email --to '' --in-reply-to '2025062053-bubble-plausible-db18@gregkh' --subject-prefix 'PATCH 6.1.y' HEAD^.. Possible dependencies: thanks, greg k-h ------------------ original commit in Linus's tree ------------------ >From 47c397844869ad0e6738afb5879c7492f4691122 Mon Sep 17 00:00:00 2001 From: Niklas Schnelle Date: Thu, 22 May 2025 14:13:13 +0200 Subject: [PATCH] s390/pci: Prevent self deletion in disable_slot() As disable_slot() takes a struct zpci_dev from the Configured to the Standby state. In Standby there is still a hotplug slot so this is not usually a case of sysfs self deletion. This is important because self deletion gets very hairy in terms of locking (see for example recover_store() in arch/s390/pci/pci_sysfs.c). Because the pci_dev_put() is not within the critical section of the zdev->state_lock however, disable_slot() can turn into a case of self deletion if zPCI device event handling slips between the mutex_unlock() and the pci_dev_put(). If the latter is the last put and zpci_release_device() is called this then tries to remove the hotplug slot via zpci_exit_slot() which will try to remove the hotplug slot directory the disable_slot() is part of i.e. self deletion. Prevent this by widening the zdev->state_lock critical section to include the pci_dev_put() which is then guaranteed to happen with the struct zpci_dev still in Standby state ensuring it will not lead to a zpci_release_device() call as at least the zPCI event handling code still holds a reference. Cc: stable@vger.kernel.org Fixes: a46044a92add ("s390/pci: fix zpci_zdev_put() on reserve") Reviewed-by: Gerd Bayer Tested-by: Gerd Bayer Signed-off-by: Niklas Schnelle Signed-off-by: Heiko Carstens diff --git a/drivers/pci/hotplug/s390_pci_hpc.c b/drivers/pci/hotplug/s390_pci_hpc.c index 055518ee354d..3d26d273f29d 100644 --- a/drivers/pci/hotplug/s390_pci_hpc.c +++ b/drivers/pci/hotplug/s390_pci_hpc.c @@ -66,9 +66,9 @@ static int disable_slot(struct hotplug_slot *hotplug_slot) rc = zpci_deconfigure_device(zdev); out: - mutex_unlock(&zdev->state_lock); if (pdev) pci_dev_put(pdev); + mutex_unlock(&zdev->state_lock); return rc; }