diff options
| author | Julian Wiedmann <jwi@linux.ibm.com> | 2019-12-05 16:33:04 +0300 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2019-12-05 23:25:05 +0300 |
| commit | f9e50b02a99c3ebbaa30690e8d5be28a5c2624eb (patch) | |
| tree | d62bad662fb722988ad846fb5b04940eca4ecef9 /drivers/isdn | |
| parent | f677fcb9aeb60c523ee36c1061ef2249b558d1b5 (diff) | |
| download | linux-f9e50b02a99c3ebbaa30690e8d5be28a5c2624eb.tar.xz | |
s390/qeth: fix dangling IO buffers after halt/clear
The cio layer's intparm logic does not align itself well with how qeth
manages cmd IOs. When an active IO gets terminated via halt/clear, the
corresponding IRQ's intparm does not reflect the cmd buffer but rather
the intparm that was passed to ccw_device_halt() / ccw_device_clear().
This behaviour was recently clarified in
commit b91d9e67e50b ("s390/cio: fix intparm documentation").
As a result, qeth_irq() currently doesn't cancel a cmd that was
terminated via halt/clear. This primarily causes us to leak
card->read_cmd after the qeth device is removed, since our IO path still
holds a refcount for this cmd.
For qeth this means that we need to keep track of which IO is pending on
a device ('active_cmd'), and use this as the intparm when calling
halt/clear. Otherwise qeth_irq() can't match the subsequent IRQ to its
cmd buffer.
Since we now keep track of the _expected_ intparm, we can also detect
any mismatch; this would constitute a bug somewhere in the lower layers.
In this case cancel the active cmd - we effectively "lost" the IRQ and
should not expect any further notification for this IO.
Fixes: 405548959cc7 ("s390/qeth: add support for dynamically allocated cmds")
Signed-off-by: Julian Wiedmann <jwi@linux.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'drivers/isdn')
0 files changed, 0 insertions, 0 deletions