• Julian Wiedmann's avatar
    s390/qeth: fix dangling IO buffers after halt/clear · f9e50b02
    Julian Wiedmann authored
    The cio layer's intparm logic does not align itself well with how qeth
    manages cmd IOs. When an active IO gets terminated via halt/clear, the
    corresponding IRQ's intparm does not reflect the cmd buffer but rather
    the intparm that was passed to ccw_device_halt() / ccw_device_clear().
    This behaviour was recently clarified in
    commit b91d9e67 ("s390/cio: fix intparm documentation").
    
    As a result, qeth_irq() currently doesn't cancel a cmd that was
    terminated via halt/clear. This primarily causes us to leak
    card->read_cmd after the qeth device is removed, since our IO path still
    holds a refcount for this cmd.
    
    For qeth this means that we need to keep track of which IO is pending on
    a device ('active_cmd'), and use this as the intparm when calling
    halt/clear. Otherwise qeth_irq() can't match the subsequent IRQ to its
    cmd buffer.
    Since we now keep track of the _expected_ intparm, we can also detect
    any mismatch; this would constitute a bug somewhere in the lower layers.
    In this case cancel the active cmd - we effectively "lost" the IRQ and
    should not expect any further notification for this IO.
    
    Fixes: 40554895 ("s390/qeth: add support for dynamically allocated cmds")
    Signed-off-by: default avatarJulian Wiedmann <jwi@linux.ibm.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    f9e50b02
qeth_core.h 29.6 KB