Received: by 2002:a05:6358:9144:b0:117:f937:c515 with SMTP id r4csp3516683rwr; Sat, 29 Apr 2023 08:33:39 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6qWwHpy1hDrYkbkFwrUnCSVBJLprJtKQGyO2H0tlMKUyZya2qhuW8WPK0LNT4fvDj9Zkpc X-Received: by 2002:a17:902:e884:b0:1a9:4b42:a5a2 with SMTP id w4-20020a170902e88400b001a94b42a5a2mr10680854plg.0.1682782419363; Sat, 29 Apr 2023 08:33:39 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1682782419; cv=none; d=google.com; s=arc-20160816; b=iHHjyxEgeMzE4pYbfiXAPUUU19IEEoX0io1jNpsN4njy27eSzlcLRYdxI6dyHvyAMA wMP1WKwytz/LK5azRY7cghZjDZ+8UNFJBveyXrVdS/OB3HFm1/9Q+cOlESAfGEkd00bu dcIoC1dsbkiKt5XZVVceBNH5JEAzk7JWZ8UgF7EgVknRYoafb6Bel1M6PSMzgyRoaa6P PlbIslQc0Y3cW2gEjQJTRBTJAHe9xmX02zRJVsk1sdQlrz0Qo/9Xu45ppP+zOoDMzmkY l7EI9VKlH0XMm3HXBtmp+uSLG5VTsqtyNf94ogAPTdR0kz2LIOwJVPwCGnZ9mHInOQx4 SeRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:to:content-language:subject:cc:user-agent:mime-version :date:message-id; bh=Rj5et/JVO2Gd3m1ud+cRbZDy2ckyFaBgnjU5rXXDyX4=; b=SWI4BikgpfmbRmO2hARH8xyi3D3T/APwcEAnMwzpvBrEDdbdxBnCZSbV3KjVLKrz80 joYsw81ldzsRn9DZBq6mDEV3q8qMeTFNfw3Sv5dRNfhXQkhgM06/n9CG0ilaAcMAv2Wf Tq6riHYZiC96mP+MBFse4d/eWfrS2nYHMRYwP4X8kk7XEzzW1pW+8vuvpdXm6V4tXhhC OyAi4r4rn5xbxhGO8EhlFzcS7/3WUn2TQcGFhR1uQROaqx5+mmPCUgUkOsxlQPzEad6G 5DQNHKMHSmBObbfPfm69wnA+rqMM5ZypoGxvzEsyF2dxbVPUuk0jXKebpE8j3WU8cl/n qauQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=sangfor.com.cn Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y9-20020a17090264c900b0019a74a00baesi22205645pli.87.2023.04.29.08.33.16; Sat, 29 Apr 2023 08:33:39 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=sangfor.com.cn Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231393AbjD2O6W (ORCPT + 99 others); Sat, 29 Apr 2023 10:58:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41188 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230020AbjD2O6V (ORCPT ); Sat, 29 Apr 2023 10:58:21 -0400 Received: from mail-m11876.qiye.163.com (mail-m11876.qiye.163.com [115.236.118.76]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 218AEE41; Sat, 29 Apr 2023 07:58:17 -0700 (PDT) Received: from [IPV6:240e:3b7:3271:1d90:985e:a7b3:9a2c:27c7] (unknown [IPV6:240e:3b7:3271:1d90:985e:a7b3:9a2c:27c7]) by mail-m11876.qiye.163.com (Hmail) with ESMTPA id CE5393C042D; Sat, 29 Apr 2023 22:58:12 +0800 (CST) Message-ID: <13ea5739-d7d3-cefa-d8d7-540635bbdc19@sangfor.com.cn> Date: Sat, 29 Apr 2023 22:58:12 +0800 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:102.0) Gecko/20100101 Thunderbird/102.8.0 Cc: dinghui@sangfor.com.cn, sathyanarayanan.kuppuswamy@linux.intel.com, vidyas@nvidia.com, david.e.box@linux.intel.com, kai.heng.feng@canonical.com, michael.a.bottini@linux.intel.com, rajatja@google.com, qinzongquan@sangfor.com.cn, linux-pci@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] PCI/ASPM: fix UAF by removing cached downstream Content-Language: en-US To: bhelgaas@google.com References: <20230429132604.31853-1-dinghui@sangfor.com.cn> From: Ding Hui In-Reply-To: <20230429132604.31853-1-dinghui@sangfor.com.cn> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-HM-Spam-Status: e1kfGhgUHx5ZQUpXWQgPGg8OCBgUHx5ZQUlOS1dZFg8aDwILHllBWSg2Ly tZV1koWUFITzdXWS1ZQUlXWQ8JGhUIEh9ZQVlDGU8dVh1OGUxDGk9JGEsfTlUTARMWGhIXJBQOD1 lXWRgSC1lBWUlPSx5BSBlMQUhJTEpBSh9CS0FCQ04eQRpMGUhBQhpJGEFJTBhMWVdZFhoPEhUdFF lBWU9LSFVKSktISkxVSktLVUtZBg++ X-HM-Tid: 0a87cd85882d2eb2kusnce5393c042d X-HM-MType: 1 X-HM-Sender-Digest: e1kMHhlZQR0aFwgeV1kSHx4VD1lBWUc6OSo6TCo6Mz0PDkwIIgxISzkc CToaFDFVSlVKTUNJTENLSUJITkNMVTMWGhIXVR8SFRwTDhI7CBoVHB0UCVUYFBZVGBVFWVdZEgtZ QVlJT0seQUgZTEFISUxKQUofQktBQkNOHkEaTBlIQUIaSRhBSUwYTFlXWQgBWUFKQkxJNwY+ X-Spam-Status: No, score=-3.3 required=5.0 tests=BAYES_00,NICE_REPLY_A, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2023/4/29 9:26 下午, Ding Hui wrote: > If the function 0 of a multifunction device is removed, an freed Typo "a freed" will be fix in v2. > downstream pointer will be left in struct pcie_link_state, and then > when pcie_config_aspm_link() be invoked from any path, we will get a > KASAN use-after-free report. -- Thanks, -dinghui