The CCW data address created by vfio-ccw is that of an IDAL built by this code. Since this address is used by real hardware, it should be a physical address rather than a virtual one. Let's clarify it as such in the ORB. Similarly, once the I/O has completed the memory for that IDAL needs to be released, so convert the CCW data address back to a virtual address so that kfree() can process it. Note: this currently doesn't fix a real bug, since virtual addresses are identical to physical ones. Signed-off-by: Eric Farman <farman@xxxxxxxxxxxxx> Reviewed-by: Matthew Rosato <mjrosato@xxxxxxxxxxxxx> Reviewed-by: Nico Boehr <nrb@xxxxxxxxxxxxx> --- drivers/s390/cio/vfio_ccw_cp.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/s390/cio/vfio_ccw_cp.c b/drivers/s390/cio/vfio_ccw_cp.c index 7b02e97f4b29..c0a09fa8991a 100644 --- a/drivers/s390/cio/vfio_ccw_cp.c +++ b/drivers/s390/cio/vfio_ccw_cp.c @@ -394,7 +394,7 @@ static void ccwchain_cda_free(struct ccwchain *chain, int idx) if (ccw_is_tic(ccw)) return; - kfree((void *)(u64)ccw->cda); + kfree(phys_to_virt(ccw->cda)); } /** @@ -845,7 +845,7 @@ union orb *cp_get_orb(struct channel_program *cp, u32 intparm, u8 lpm) chain = list_first_entry(&cp->ccwchain_list, struct ccwchain, next); cpa = chain->ch_ccw; - orb->cmd.cpa = (__u32) __pa(cpa); + orb->cmd.cpa = (__u32)virt_to_phys(cpa); return orb; } -- 2.34.1