From 4c35143561721c080cabc454057a75f1dd0e705b Mon Sep 17 00:00:00 2001
From: Ben Hutchings <benh@debian.org>
Date: Sat, 11 Oct 2014 20:43:03 +0000
Subject: [PATCH] qla2xxx: fix kernel NULL pointer access (regression in 3.16)
 (Closes: #764804)

svn path=/dists/sid/linux/; revision=21942
---
 debian/changelog                              |  7 ++++
 ...a2xxx-fix-kernel-NULL-pointer-access.patch | 32 +++++++++++++++++++
 debian/patches/series                         |  1 +
 3 files changed, 40 insertions(+)
 create mode 100644 debian/patches/bugfix/all/qla2xxx-fix-kernel-NULL-pointer-access.patch

diff --git a/debian/changelog b/debian/changelog
index 31b365a96..8192e261b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+linux (3.16.5-2) UNRELEASED; urgency=medium
+
+  * qla2xxx: fix kernel NULL pointer access (regression in 3.16)
+    (Closes: #764804)
+
+ -- Ben Hutchings <ben@decadent.org.uk>  Sat, 11 Oct 2014 21:41:58 +0100
+
 linux (3.16.5-1) unstable; urgency=medium
 
   * New upstream stable update:
diff --git a/debian/patches/bugfix/all/qla2xxx-fix-kernel-NULL-pointer-access.patch b/debian/patches/bugfix/all/qla2xxx-fix-kernel-NULL-pointer-access.patch
new file mode 100644
index 000000000..5a00b1163
--- /dev/null
+++ b/debian/patches/bugfix/all/qla2xxx-fix-kernel-NULL-pointer-access.patch
@@ -0,0 +1,32 @@
+From: Himanshu Madhani <himanshu.madhani@qlogic.com>
+Date: Thu, 25 Sep 2014 06:14:44 -0400
+Subject: qla2xxx: fix kernel NULL pointer access
+Origin: https://git.kernel.org/linus/78c2106a50e067f7168ee8c0944baaeb0e988272
+
+This patch is to fix regression added by commit id
+51a07f84649d2be206c4c2ad9a612956db0c2f8c.
+
+When allocating memory for new session original patch does
+not assign vha to op->vha resulting into NULL pointer
+access during qlt_create_sess_from_atio().
+
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Himanshu Madhani <himanshu.madhani@qlogic.com>
+Signed-off-by: Saurav Kashyap <saurav.kashyap@qlogic.com>
+Signed-off-by: Christoph Hellwig <hch@lst.de>
+---
+ drivers/scsi/qla2xxx/qla_target.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/scsi/qla2xxx/qla_target.c b/drivers/scsi/qla2xxx/qla_target.c
+index aebe62c..43f9177 100644
+--- a/drivers/scsi/qla2xxx/qla_target.c
++++ b/drivers/scsi/qla2xxx/qla_target.c
+@@ -3277,6 +3277,7 @@ static int qlt_handle_cmd_for_atio(struct scsi_qla_host *vha,
+ 			return -ENOMEM;
+ 
+ 		memcpy(&op->atio, atio, sizeof(*atio));
++		op->vha = vha;
+ 		INIT_WORK(&op->work, qlt_create_sess_from_atio);
+ 		queue_work(qla_tgt_wq, &op->work);
+ 		return 0;
diff --git a/debian/patches/series b/debian/patches/series
index dafa8f03c..2737e4576 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -137,3 +137,4 @@ features/all/sfc-Add-40G-link-capability-decoding.patch
 bugfix/s390/s390-3215-fix-tty-output-containing-tabs.patch
 bugfix/all/fold-swapping-d_name.hash-into-switch_names.patch
 bugfix/all/vfs-Don-t-exchange-short-filenames-unconditionally.patch
+bugfix/all/qla2xxx-fix-kernel-NULL-pointer-access.patch