Commit ec6c8059 authored by Alexander Lobakin's avatar Alexander Lobakin Committed by David S. Miller
Browse files

net: qede: fix use-after-free on recovery and AER handling 



Set edev->cdev pointer to NULL after calling remove() callback to avoid
using of already freed object.

Fixes: ccc67ef5 ("qede: Error recovery process")
Signed-off-by: default avatarAlexander Lobakin <alobakin@marvell.com>
Signed-off-by: default avatarIgor Russkikh <irusskikh@marvell.com>
Signed-off-by: default avatarMichal Kalderon <michal.kalderon@marvell.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 1c85f394

drivers/net/ethernet/qlogic/qede/qede_main.c

+1 −0
Original line number Diff line number Diff line
@@ -1318,6 +1318,7 @@ static void __qede_remove(struct pci_dev *pdev, enum qede_remove_mode mode) 
	if (system_state == SYSTEM_POWER_OFF)

		return;

	qed_ops->common->remove(cdev);

	edev->cdev = NULL;



	/* Since this can happen out-of-sync with other flows,

	 * don't release the netdevice until after slowpath stop

CRA Git | Maintained and supported by SUSTech CRA and CCSE