iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/drivers/usb
History
AMAN DEEP 3496810663 usb: xhci: Bugfix for NULL pointer deference in xhci_endpoint_init() function 
virt_dev->num_cached_rings counts on freed ring and is not updated
correctly. In xhci_free_or_cache_endpoint_ring() function, the free ring
is added into cache and then num_rings_cache is incremented as below:
		virt_dev->ring_cache[rings_cached] =
			virt_dev->eps[ep_index].ring;
		virt_dev->num_rings_cached++;
here, free ring pointer is added to a current index and then
index is incremented.
So current index always points to empty location in the ring cache.
For getting available free ring, current index should be decremented
first and then corresponding ring buffer value should be taken from ring
cache.

But In function xhci_endpoint_init(), the num_rings_cached index is
accessed before decrement.
		virt_dev->eps[ep_index].new_ring =
			virt_dev->ring_cache[virt_dev->num_rings_cached];
		virt_dev->ring_cache[virt_dev->num_rings_cached] = NULL;
		virt_dev->num_rings_cached--;
This is bug in manipulating the index of ring cache.
And it should be as below:
		virt_dev->num_rings_cached--;
		virt_dev->eps[ep_index].new_ring =
			virt_dev->ring_cache[virt_dev->num_rings_cached];
		virt_dev->ring_cache[virt_dev->num_rings_cached] = NULL;

Cc: <stable@vger.kernel.org>
Signed-off-by: Aman Deep <aman.deep@samsung.com>
Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2015-07-22 14:19:36 -07:00
..
atm
Minor merge needed, due to function move.
2015-07-01 10:49:25 -07:00
c67x00
c67x00-hcd: use USB_DT_HUB
2015-04-03 19:03:16 +02:00
chipidea
USB Chipidea update for v4.2-rc1
2015-06-10 18:18:10 -07:00
class
cdc-acm: Add support of ATOL FPrint fiscal printers
2015-06-08 14:01:13 -07:00
common
usb: ulpi: ulpi_init should be executed in subsys_initcall
2015-07-20 12:57:46 -05:00
core
usb: patches for v4.2 merge window
2015-06-02 10:47:03 +09:00
dwc2
usb: dwc2: embed storage for reg backup in struct dwc2_hsotg
2015-07-06 12:34:08 -05:00
dwc3
usb: dwc3: Reset the transfer resource index on SET_INTERFACE
2015-07-22 08:52:42 -05:00
early
gadget
usb: gadget: udc: core: Fix argument of dma_map_single for IOMMU
2015-07-20 12:57:46 -05:00
host
usb: xhci: Bugfix for NULL pointer deference in xhci_endpoint_init() function
2015-07-22 14:19:36 -07:00
image
scsi: Do not set cmd_per_lun to 1 in the host template
2015-05-31 18:06:28 -07:00
isp1760
usb: isp1760: check for null return from kzalloc
2015-06-08 14:25:04 -07:00
misc
USB patches for 4.2-rc1
2015-06-26 15:59:26 -07:00
mon
USB: mon_stat.c: move assignment out of if () block
2015-05-10 16:01:11 +02:00
musb
usb: musb: host: rely on port_mode to call musb_start()
2015-07-06 12:34:07 -05:00
phy
usb: phy: mxs: suspend to RAM causes NULL pointer dereference
2015-07-06 12:34:08 -05:00
renesas_usbhs
usb: patches for v4.2 merge window
2015-06-02 10:47:03 +09:00
serial
USB: serial: Destroy serial_minors IDR on module exit
2015-07-09 10:41:23 +02:00
storage
USB patches for 4.2-rc1
2015-06-26 15:59:26 -07:00
usbip
usbip: vhci_hcd: use USB_DT_HUB
2015-04-03 19:03:15 +02:00
wusbcore
wusbcore: rh: use USB_DT_HUB
2015-04-03 19:03:15 +02:00
Kconfig
usb: isp1760: Move driver from drivers/usb/host/ to drivers/usb/isp1760/
2015-01-27 09:39:38 -06:00
Makefile
usb: load usb phy earlier
2015-03-18 17:25:16 +01:00
README
usb: hub: rename khubd to hub_wq in documentation and comments
2014-09-23 22:33:19 -07:00
usb-skeleton.c

README 

To understand all the Linux-USB framework, you'll use these resources:

    * This source code.  This is necessarily an evolving work, and
      includes kerneldoc that should help you get a current overview.
      ("make pdfdocs", and then look at "usb.pdf" for host side and
      "gadget.pdf" for peripheral side.)  Also, Documentation/usb has
      more information.

    * The USB 2.0 specification (from www.usb.org), with supplements
      such as those for USB OTG and the various device classes.
      The USB specification has a good overview chapter, and USB
      peripherals conform to the widely known "Chapter 9".

    * Chip specifications for USB controllers.  Examples include
      host controllers (on PCs, servers, and more); peripheral
      controllers (in devices with Linux firmware, like printers or
      cell phones); and hard-wired peripherals like Ethernet adapters.

    * Specifications for other protocols implemented by USB peripheral
      functions.  Some are vendor-specific; others are vendor-neutral
      but just standardized outside of the www.usb.org team.

Here is a list of what each subdirectory here is, and what is contained in
them.

core/		- This is for the core USB host code, including the
		  usbfs files and the hub class driver ("hub_wq").

host/		- This is for USB host controller drivers.  This
		  includes UHCI, OHCI, EHCI, and others that might
		  be used with more specialized "embedded" systems.

gadget/		- This is for USB peripheral controller drivers and
		  the various gadget drivers which talk to them.


Individual USB driver directories.  A new driver should be added to the
first subdirectory in the list below that it fits into.

image/		- This is for still image drivers, like scanners or
		  digital cameras.
../input/	- This is for any driver that uses the input subsystem,
		  like keyboard, mice, touchscreens, tablets, etc.
../media/	- This is for multimedia drivers, like video cameras,
		  radios, and any other drivers that talk to the v4l
		  subsystem.
../net/		- This is for network drivers.
serial/		- This is for USB to serial drivers.
storage/	- This is for USB mass-storage drivers.
class/		- This is for all USB device drivers that do not fit
		  into any of the above categories, and work for a range
		  of USB Class specified devices. 
misc/		- This is for all USB device drivers that do not fit
		  into any of the above categories.