Public bug reported:
Description: qdio: clear intparm during shutdown
Symptom: Crash in qeth_irq() with "Unable to handle kernel pointer
dereference in virtual kernel address space".
Problem: During shutdown, qdio returns its ccw device back to control
by qeth - but doesn't reset the interrupt parameter on the
device. If qdio_shutdown() failed to terminate its
long-running IO on the ccw_device, qeth will subsequently
do so. In this case the IRQ for the IO completion is
presented to qeth_irq() with the _old_ interrupt parameter,
which gets mis-interpreted as a valid qeth_cmd_buffer
pointer. Dereferencing this bogus pointer in
qeth_release_buffer() triggers the crash.
Solution: When returning the ccw device in qdio_shutdown(), also reset
its interrupt parameter.
Reproduction: Offline an OSA CHPID with multiple active qeth interfaces.
Component: Kernel
Upstream-ID: 89286320a236d245834075fa13adb0bdd827ecaa
Reported: Ubuntu 18.04
** Affects: linux (Ubuntu)
Importance: Undecided
Assignee: Skipper Bug Screeners (skipper-screen-team)
Status: New
** Tags: architecture-s39064 bugnameltc-177513 severity-high
targetmilestone-inin18041
** Tags added: architecture-s39064 bugnameltc-177513 severity-high
targetmilestone-inin18041
** Changed in: ubuntu
Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team)
** Package changed: ubuntu => linux (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1828394
Title:
[UBUNTU] qdio: clear intparm during shutdown
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1828394/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
