linux/drivers
Quinn Tran e3dde080eb scsi: qla2xxx: Fix unintialized List head crash
In case of IOCB Queue full or system where memory is low and driver
receives large number of RSCN storm, the stale sp pointer can stay on
gpnid_list resulting in page_fault.

This patch fixes this issue by initializing the sp->elem list head and
removing sp->elem before memory is freed.

Following stack trace is seen

 9 [ffff987b37d1bc60] page_fault at ffffffffad516768 [exception RIP: qla24xx_async_gpnid+496]
10 [ffff987b37d1bd10] qla24xx_async_gpnid at ffffffffc039866d [qla2xxx]
11 [ffff987b37d1bd80] qla2x00_do_work at ffffffffc036169c [qla2xxx]
12 [ffff987b37d1be38] qla2x00_do_dpc_all_vps at ffffffffc03adfed [qla2xxx]
13 [ffff987b37d1be78] qla2x00_do_dpc at ffffffffc036458a [qla2xxx]
14 [ffff987b37d1bec8] kthread at ffffffffacebae31

Fixes: 2d73ac6102 ("scsi: qla2xxx: Serialize GPNID for multiple RSCN")
Cc: <stable@vger.kernel.org> # v4.17+
Signed-off-by: Quinn Tran <quinn.tran@cavium.com>
Signed-off-by: Himanshu Madhani <himanshu.madhani@cavium.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
2018-07-19 22:02:33 -04:00
..
accessibility
acpi pwm: Changes for v4.18-rc1 2018-06-14 16:25:43 +09:00
amba Merge branch 'for-linus' of git://git.armlinux.org.uk/~rmk/linux-arm 2018-06-06 13:49:25 -07:00
android treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
ata treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
atm treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
auxdisplay treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
base Additional power management updates for 4.18-rc1 2018-06-13 07:24:18 -07:00
bcma
block The main piece is a set of libceph changes that revamps how OSD 2018-06-15 07:24:58 +09:00
bluetooth
bus - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
cdrom treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
char docs: Fix some broken references 2018-06-15 18:10:01 -03:00
clk docs: Fix some broken references 2018-06-15 18:10:01 -03:00
clocksource treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
connector Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
cpufreq Additional power management updates for 4.18-rc1 2018-06-13 07:24:18 -07:00
cpuidle powerpc updates for 4.18 2018-06-07 10:23:33 -07:00
crypto treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
dax libnvdimm for 4.18 2018-06-08 17:21:52 -07:00
dca
devfreq treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
dio
dma fix a series of Documentation/ broken file name references 2018-06-15 18:10:01 -03:00
dma-buf
edac treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
eisa
extcon treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
firewire treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
firmware Merge branch 'akpm' (patches from Andrew) 2018-06-15 08:51:42 +09:00
fmc treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
fpga
fsi
gpio treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
gpu Solve a series of broken links for files under Documentation: 2018-06-17 05:25:18 +09:00
hid docs: fix broken references with multiple hints 2018-06-15 18:10:01 -03:00
hsi
hv treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
hwmon treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
hwspinlock hwspinlock updates for v4.18 2018-06-11 12:09:19 -07:00
hwtracing treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
i2c Merge branch 'i2c/for-4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2018-06-14 16:21:46 +09:00
ide treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
idle
iio treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
infiniband treewide: Use array_size() in kvzalloc_node() 2018-06-12 16:19:22 -07:00
input docs: Fix some broken references 2018-06-15 18:10:01 -03:00
iommu - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
ipack treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
irqchip treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
isdn treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
leds treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
lightnvm docs: Fix some broken references 2018-06-15 18:10:01 -03:00
macintosh powerpc updates for 4.18 2018-06-07 10:23:33 -07:00
mailbox treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
mcb
md docs: Fix some broken references 2018-06-15 18:10:01 -03:00
media Solve a series of broken links for files under Documentation: 2018-06-17 05:25:18 +09:00
memory - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
memstick treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
message treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
mfd Merge branch 'i2c/for-4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2018-06-14 16:21:46 +09:00
misc Merge branch 'i2c/for-4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2018-06-14 16:21:46 +09:00
mmc treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
mtd - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
mux
net Solve a series of broken links for files under Documentation: 2018-06-17 05:25:18 +09:00
nfc treewide: devm_kmalloc() -> devm_kmalloc_array() 2018-06-12 16:19:22 -07:00
ntb - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
nubus Char/Misc driver patches for 4.18-rc1 2018-06-05 16:20:22 -07:00
nvdimm Merge branch 'for-4.18/mcsafe' into libnvdimm-for-next 2018-06-08 15:16:44 -07:00
nvme Merge branch 'nvme-4.18' of git://git.infradead.org/nvme into for-linus 2018-06-15 08:11:05 -06:00
nvmem treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
of - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
opp treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
oprofile treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
parisc
parport docs: Fix some broken references 2018-06-15 18:10:01 -03:00
pci - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
pcmcia treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
perf
phy Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-06-06 18:39:49 -07:00
pinctrl treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
platform fix a series of Documentation/ broken file name references 2018-06-15 18:10:01 -03:00
pnp media updates for v4.18-rc1 2018-06-07 12:34:37 -07:00
power treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
powercap treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
pps
ps3
ptp
pwm pwm: Changes for v4.18-rc1 2018-06-14 16:25:43 +09:00
rapidio treewide: Use array_size() in vmalloc() 2018-06-12 16:19:22 -07:00
ras
regulator treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
remoteproc treewide: use PHYS_ADDR_MAX to avoid type casting ULLONG_MAX 2018-06-15 07:55:25 +09:00
reset - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
rpmsg
rtc - New Device Support 2018-06-11 07:20:17 -07:00
s390 treewide: Use array_size() in vzalloc() 2018-06-12 16:19:22 -07:00
sbus fix a series of Documentation/ broken file name references 2018-06-15 18:10:01 -03:00
scsi scsi: qla2xxx: Fix unintialized List head crash 2018-07-19 22:02:33 -04:00
sfi
sh treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
siox
slimbus treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
sn
soc treewide: use PHYS_ADDR_MAX to avoid type casting ULLONG_MAX 2018-06-15 07:55:25 +09:00
soundwire docs: Fix more broken references 2018-06-15 18:11:26 -03:00
spi treewide: devm_kzalloc() -> devm_kcalloc() 2018-06-12 16:19:22 -07:00
spmi
ssb
staging media: v4l: fix broken video4linux docs locations 2018-06-15 18:10:01 -03:00
target scsi: target: iscsi: cxgbit: fix max iso npdu calculation 2018-07-12 23:04:06 -04:00
tc
tee
thermal - Error path bug fix for overflow tests (Dan) 2018-06-12 18:28:00 -07:00
thunderbolt
tty vfs/y2038: inode timestamps conversion to timespec64 2018-06-15 07:31:07 +09:00
uio treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
usb vfs/y2038: inode timestamps conversion to timespec64 2018-06-15 07:31:07 +09:00
uwb treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
vfio VFIO updates for v4.18 2018-06-12 13:11:26 -07:00
vhost virtio, vhost: features, fixes 2018-06-16 06:35:02 +09:00
video Solve a series of broken links for files under Documentation: 2018-06-17 05:25:18 +09:00
virt treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
virtio virtio, vhost: features, fixes 2018-06-16 06:35:02 +09:00
visorbus
vlynq
vme
w1 Char/Misc driver patches for 4.18-rc1 2018-06-05 16:20:22 -07:00
watchdog MIPS changes for 4.18 2018-06-12 12:56:02 -07:00
xen treewide: kvmalloc() -> kvmalloc_array() 2018-06-12 16:19:22 -07:00
zorro - Introduce arithmetic overflow test helper functions (Rasmus) 2018-06-06 17:27:14 -07:00
Kconfig
Makefile