Commit d6077df7 authored by Vinicius Costa Gomes's avatar Vinicius Costa Gomes Committed by Vinod Koul
Browse files

dmaengine: idxd: Fix possible invalid memory access after FLR 



In the case that the first Function Level Reset (FLR) concludes
correctly, but in the second FLR the scratch area for the saved
configuration cannot be allocated, it's possible for a invalid memory
access to happen.

Always set the deallocated scratch area to NULL after FLR completes.

Fixes: 98d187a9 ("dmaengine: idxd: Enable Function Level Reset (FLR) for halt")
Reviewed-by: default avatarDave Jiang <dave.jiang@intel.com>
Signed-off-by: default avatarVinicius Costa Gomes <vinicius.gomes@intel.com>
Link: https://patch.msgid.link/20260121-idxd-fix-flr-on-kernel-queues-v3-v3-3-7ed70658a9d1@intel.com


Signed-off-by: default avatarVinod Koul <vkoul@kernel.org>
parent 52d2edea

drivers/dma/idxd/init.c

+1 −0
Original line number Diff line number Diff line
@@ -1146,6 +1146,7 @@ static void idxd_reset_done(struct pci_dev *pdev) 
	}

out:

	kfree(idxd->idxd_saved);

	idxd->idxd_saved = NULL;

}



static const struct pci_error_handlers idxd_error_handler = {