From: Viswas G <viswa...@pmcs.com>
In pm8001_ccb_task_free(), the dma unmapping is done based on
ccb->n_elem value. This should be initialized to zero in the
task_abort(). Otherwise, pm8001_ccb_task_free() will try for
dma_unmap_sg() which is invalid for task abort and can lead to
kernel crash.
Changes From V1:
None
Signed-off-by: Viswas G <viswa...@pmcs.com>
Reviewed-by: Suresh Thiagarajan <suresh.thiagara...@pmcs.com>
Reviewed-by: Hannes Reinecke <h...@suse.com>
Reviewed-by: Jack Wang <jinpu.w...@profitbricks.com>
Reviewed-by: Tomas Henzl <the...@redhat.com>
---
drivers/scsi/pm8001/pm8001_sas.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/drivers/scsi/pm8001/pm8001_sas.c b/drivers/scsi/pm8001/pm8001_sas.c
index 48f4627..949198c 100644
--- a/drivers/scsi/pm8001/pm8001_sas.c
+++ b/drivers/scsi/pm8001/pm8001_sas.c
@@ -790,6 +790,7 @@ pm8001_exec_internal_task_abort(struct pm8001_hba_info
*pm8001_ha,
ccb->device = pm8001_dev;
ccb->ccb_tag = ccb_tag;
ccb->task = task;
+ ccb->n_elem = 0;
res = PM8001_CHIP_DISP->task_abort(pm8001_ha,
pm8001_dev, flag, task_tag, ccb_tag);
--
1.7.1
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
