redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers/usb/host
History
Mathias Nyman cb53c51728 xhci: Fix NULL pointer dereference at endpoint zero reset. 
Usb core will reset the default control endpoint "ep0" before resetting
a device. if the endpoint has a valid pointer back to the usb device
then the xhci driver reset callback will try to clear the toggle for
the endpoint.

ep0 didn't use to have this pointer set as ep0 was always allocated
by default together with a xhci slot for the usb device. Other endpoints
got their usb device pointer set in xhci_add_endpoint()

This changed with commit ef513be0a9 ("usb: xhci: Add Clear_TT_Buffer")
which sets the pointer for any endpoint on a FS/LS device behind a
HS hub that halts, including ep0.

If xHC controller needs to be reset at resume, then all the xhci slots
will be lost. Slots will be reenabled and reallocated at device reset,
but unlike other endpoints the ep0 is reset before device reset, while
the xhci slot may still be invalid, causing NULL pointer dereference.

Fix it by checking that the endpoint has both a usb device pointer and
valid xhci slot before trying to clear the toggle.

This issue was not seen earlier as ep0 didn't use to have a valid usb
device pointer, and other endpoints were only reset after device reset
when xhci slots were properly reenabled.

Reported-by: Bob Gleitsmann <rjgleits@bellsouth.net>
Reported-by: Enric Balletbo Serra <eballetbo@gmail.com>
Fixes: ef513be0a9 ("usb: xhci: Add Clear_TT_Buffer")
Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Tested-by: Enric Balletbo i Serra <enric.balletbo@collabora.com>
Link: https://lore.kernel.org/r/1564758044-24748-1-git-send-email-mathias.nyman@linux.intel.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2019-08-02 18:13:49 +02:00
..
whci USB: host: whci: rename Kbuild file 2019-01-22 09:08:17 +01:00
Kconfig docs: usb: rename files to .rst and add them to drivers-api 2019-06-20 14:28:36 +02:00
Makefile USB: EHCI: make ehci-mv a separate driver 2018-09-20 13:07:55 +02:00
bcma-hcd.c USB: host: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci-atmel.c USB: host: ehci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci-dbg.c USB: ehci-hcd: no need to check return value of debugfs_create functions 2018-05-31 12:54:22 +02:00
ehci-exynos.c usb: exynos: add workaround for the USB device bindings conflict 2019-05-21 08:34:49 +02:00
ehci-fsl.c usb: host: Stops USB controller init if PLL fails to lock 2019-07-03 18:52:20 +02:00
ehci-fsl.h usb: phy: Workaround for USB erratum-A005728 2019-07-03 18:52:20 +02:00
ehci-grlib.c USB: host: ehci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci-hcd.c USB: drop HCD_LOCAL_MEM flag 2019-06-03 16:00:08 +02:00
ehci-hub.c USB: ehci-hcd: Add get_resuming_ports method 2018-06-25 21:44:43 +08:00
ehci-mem.c Revert "usb: host: ehci: Use dma_pool_zalloc()" 2018-05-04 14:35:12 -07:00
ehci-mv.c USB: EHCI: ehci-mv: add MODULE_DEVICE_TABLE 2019-01-18 10:07:05 +01:00
ehci-mxc.c USB: host: ehci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci-npcm7xx.c USB: host: ehci-npcm7xx: Fix some error codes in probe 2018-06-28 19:32:42 +09:00
ehci-omap.c usb: ehci-omap: Fix deferred probe for phy handling 2018-12-17 14:07:59 +01:00
ehci-orion.c usb: ehci-orion: add S2RAM support 2019-01-30 09:22:35 +01:00
ehci-pci.c usb: pci-quirks: Minor cleanup for AMD PLL quirk 2019-07-25 10:40:02 +02:00
ehci-platform.c usb: host: ehci-platform: remove custom USB PHY handling 2018-03-09 09:43:53 -08:00
ehci-pmcmsp.c USB: host: ehci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci-ppc-of.c USB: add SPDX identifiers to all remaining files in drivers/usb/ 2017-11-04 11:48:02 +01:00
ehci-ps3.c powerpc/ps3: Set driver coherent_dma_mask 2018-07-20 12:50:37 +10:00
ehci-q.c usb: host: Replace empty define with do while 2018-09-28 15:03:37 +02:00
ehci-sched.c usb: host: ehci-sched: remove redundant pointer dev 2018-07-13 15:41:56 +02:00
ehci-sh.c USB: host: ehci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci-spear.c USB: host: ehci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci-st.c usb: host: ehci-st: Remove set but not used variable 'ehci' 2019-06-03 15:21:56 +02:00
ehci-sysfs.c USB: move many drivers to use DEVICE_ATTR_RW 2018-01-24 08:49:51 +01:00
ehci-tegra.c usb: tegra: Move utmi-pads reset from ehci-tegra to tegra-phy 2018-04-23 09:50:57 +02:00
ehci-timer.c usb: host: Replace empty define with do while 2018-09-28 15:03:37 +02:00
ehci-w90x900.c USB: host: ehci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci-xilinx-of.c USB: host: ehci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ehci.h usb: host: Replace empty define with do while 2018-09-28 15:03:37 +02:00
fhci-dbg.c USB: fhci-hcd: no need to check return value of debugfs_create functions 2018-05-31 12:54:22 +02:00
fhci-hcd.c USB: host: fhci: Remove redundant license text 2017-11-07 15:45:02 +01:00
fhci-hub.c USB: host: fhci: Remove redundant license text 2017-11-07 15:45:02 +01:00
fhci-mem.c USB: host: fhci: Remove redundant license text 2017-11-07 15:45:02 +01:00
fhci-q.c USB: host: fhci: Remove redundant license text 2017-11-07 15:45:02 +01:00
fhci-sched.c usb: host: use usb_endpoint_maxp instead of usb_maxpacket 2019-04-19 14:23:34 +02:00
fhci-tds.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
fhci.h USB: fhci-hcd: no need to check return value of debugfs_create functions 2018-05-31 12:54:22 +02:00
fotg210-hcd.c dma-mapping updates for Linux 5.3 2019-07-12 15:13:55 -07:00
fotg210.h usb: host: Replace empty define with do while 2018-09-28 15:03:37 +02:00
fsl-mph-dr-of.c usb :fsl: Change string format for errata property 2019-07-03 18:52:20 +02:00
hwa-hc.c usb: wusbcore: fix unbalanced get/put cluster_id 2019-07-25 10:40:03 +02:00
imx21-dbg.c USB: imx21-hcd: no need to check return value of debugfs_create functions 2018-05-31 12:54:22 +02:00
imx21-hcd.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
imx21-hcd.h USB: host: imx21: Remove redundant license text 2017-11-07 15:45:02 +01:00
isp116x-hcd.c USB: isp116x-hcd: no need to check return value of debugfs_create functions 2018-05-31 12:54:21 +02:00
isp116x.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
isp1362-hcd.c usb: host: isp1362-hcd: convert to DEFINE_SHOW_ATTRIBUTE 2018-12-12 12:38:41 +01:00
isp1362.h usb: isp1362: Spelling s/eclusive/exclusive/ 2019-06-18 08:51:28 +02:00
max3421-hcd.c USB: add SPDX identifiers to all remaining files in drivers/usb/ 2017-11-04 11:48:02 +01:00
ohci-at91.c USB: host: ohci-at91: add sam9x60-sfr definition for ohci 2019-01-18 09:58:04 +01:00
ohci-da8xx.c usb: ohci-da8xx: drop the vbus GPIO 2019-04-12 19:46:48 +05:30
ohci-dbg.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
ohci-exynos.c usb: exynos: add workaround for the USB device bindings conflict 2019-05-21 08:34:49 +02:00
ohci-hcd.c usb: host: Fix excessive alignment restriction for local memory allocations 2019-06-28 07:57:07 +02:00
ohci-hub.c ohci-hcd: Fix race condition caused by ohci_urb_enqueue() and io_watchdog_func() 2018-02-15 18:43:57 +01:00
ohci-mem.c usb: host: Fix excessive alignment restriction for local memory allocations 2019-06-28 07:57:07 +02:00
ohci-nxp.c USB: host: ohci: Remove redundant license text 2017-11-07 15:45:02 +01:00
ohci-omap.c usb: add a flag to skip PHY initialization to struct usb_hcd 2018-03-09 09:43:52 -08:00
ohci-pci.c usb: pci-quirks: Minor cleanup for AMD PLL quirk 2019-07-25 10:40:02 +02:00
ohci-platform.c usb: host: ohci-platform: remove custom USB PHY handling 2018-03-09 09:43:53 -08:00
ohci-ppc-of.c USB: add SPDX identifiers to all remaining files in drivers/usb/ 2017-11-04 11:48:02 +01:00
ohci-ps3.c powerpc/ps3: Set driver coherent_dma_mask 2018-07-20 12:50:37 +10:00
ohci-pxa27x.c USB: add SPDX identifiers to all remaining files in drivers/usb/ 2017-11-04 11:48:02 +01:00
ohci-q.c usb: ohci: Proper handling of ed_rm_list to handle race condition between usb_kill_urb() and finish_unlinks() 2018-02-15 18:45:34 +01:00
ohci-s3c2410.c usb: ohci-s3c2410: Remove set but not used variable 'hcd' 2019-06-03 15:21:57 +02:00
ohci-sa1111.c USB: add SPDX identifiers to all remaining files in drivers/usb/ 2017-11-04 11:48:02 +01:00
ohci-sm501.c USB: drop HCD_LOCAL_MEM flag 2019-06-03 16:00:08 +02:00
ohci-spear.c USB: ohci-spear: Remove set but not used variable 'ohci' 2019-06-03 15:21:57 +02:00
ohci-st.c usb: host: ohci-st: Remove set but not used variable 'ohci' 2019-06-03 15:21:56 +02:00
ohci-tmio.c USB: drop HCD_LOCAL_MEM flag 2019-06-03 16:00:08 +02:00
ohci.h USB: use genalloc for USB HCs with local memory 2019-06-03 16:00:07 +02:00
oxu210hp-hcd.c usb: host: oxu210hp-hcd: remove set but not used variables 'uframes, transfer_buffer_length' 2019-02-19 14:41:38 +01:00
oxu210hp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pci-quirks.c usb: pci-quirks: Minor cleanup for AMD PLL quirk 2019-07-25 10:40:02 +02:00
pci-quirks.h usb: pci-quirks: Minor cleanup for AMD PLL quirk 2019-07-25 10:40:02 +02:00
r8a66597-hcd.c usb: r8a66597: Fix a possible concurrency use-after-free bug in r8a66597_endpoint_disable() 2018-12-19 08:13:26 +01:00
r8a66597.h USB: host: Remove redundant license text 2017-11-07 15:45:02 +01:00
sl811-hcd.c USB: host: sl811: Re-use DEFINE_SHOW_ATTRIBUTE() macro 2018-03-16 15:40:19 +01:00
sl811.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sl811_cs.c USB: add SPDX identifiers to all remaining files in drivers/usb/ 2017-11-04 11:48:02 +01:00
ssb-hcd.c USB: host: Remove redundant license text 2017-11-07 15:45:02 +01:00
u132-hcd.c usb: host: u132-hcd: remove unneeded variable frame 2019-06-06 08:59:19 +02:00
uhci-debug.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
uhci-grlib.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
uhci-hcd.c USB: drop HCD_LOCAL_MEM flag 2019-06-03 16:00:08 +02:00
uhci-hcd.h usb: uhci: Add clk support to uhci-platform 2018-01-17 15:08:56 +01:00
uhci-hub.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
uhci-pci.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
uhci-platform.c usb: uhci: Add clk support to uhci-platform 2018-01-17 15:08:56 +01:00
uhci-q.c USB: remove the URB_NO_FSBR flag 2017-12-12 13:16:07 +01:00
xhci-dbg.c usb: xhci: Cleanup printk debug message for ERST 2017-12-08 17:43:52 +01:00
xhci-dbgcap.c drivers: Remove explicit invocations of mmiowb() 2019-04-08 12:01:02 +01:00
xhci-dbgcap.h usb: xhci: dbc: Add SPDX identifiers to dbc files 2018-05-24 18:03:07 +02:00
xhci-dbgtty.c usb: xhci: dbc: Add SPDX identifiers to dbc files 2018-05-24 18:03:07 +02:00
xhci-debugfs.c usb: xhci: Fix a potential null pointer dereference in xhci_debugfs_create_endpoint() 2019-05-22 14:25:37 +02:00
xhci-debugfs.h usb: xhci: remove unused member 'parent' in xhci_regset struct 2019-02-20 20:18:23 +01:00
xhci-ext-caps.c xhci: Add Intel extended cap / otg phy mux handling 2018-03-22 13:40:10 +01:00
xhci-ext-caps.h xhci: Add Intel extended cap / otg phy mux handling 2018-03-22 13:40:10 +01:00
xhci-histb.c xhci: Fix leaking USB3 shared_hcd at xhci removal 2018-11-09 08:31:08 -08:00
xhci-hub.c xhci: add port and bus number to port dynamic debugging 2019-04-27 14:53:58 +02:00
xhci-mem.c usb: xhci: fix build warning - missing prototype 2019-02-21 10:54:22 +01:00
xhci-mtk-sch.c usb: xhci-mtk: supports SSP without external USB3 gen2 hub 2018-09-28 15:04:45 +02:00
xhci-mtk.c usb: xhci-mtk: get optional clock by devm_clk_get_optional() 2019-04-19 14:23:34 +02:00
xhci-mtk.h usb: xhci-mtk: supports bandwidth scheduling with multi-TT 2018-09-28 15:04:45 +02:00
xhci-mvebu.c usb: host: xhci: mvebu: add reset on resume quirk 2019-01-30 09:22:35 +01:00
xhci-mvebu.h usb: host: xhci: mvebu: add reset on resume quirk 2019-01-30 09:22:35 +01:00
xhci-pci.c usb: pci-quirks: Minor cleanup for AMD PLL quirk 2019-07-25 10:40:02 +02:00
xhci-plat.c usb: host: xhci-plat: get optional clock by devm_clk_get_optional() 2019-04-19 14:24:25 +02:00
xhci-plat.h USB: host: xhci: Remove redundant license text 2017-11-07 15:45:02 +01:00
xhci-rcar.c usb: host: xhci-rcar: Fix timeout in xhci_suspend() 2019-08-02 18:13:49 +02:00
xhci-rcar.h USB: host: xhci: Remove redundant license text 2017-11-07 15:45:02 +01:00
xhci-ring.c Merge 5.2-rc6 into usb-next 2019-06-23 09:21:15 +02:00
xhci-tegra.c usb: host: xhci-tegra: Fix Wunused-const-variable 2019-06-18 08:44:09 +02:00
xhci-trace.c USB: host: xhci: Remove redundant license text 2017-11-07 15:45:02 +01:00
xhci-trace.h usb: xhci: add endpoint context tracing when an endpoint is added 2019-04-27 14:53:58 +02:00
xhci.c xhci: Fix NULL pointer dereference at endpoint zero reset. 2019-08-02 18:13:49 +02:00
xhci.h xhci: Fix crash if scatter gather is used with Immediate Data Transfer (IDT). 2019-07-25 11:26:42 +02:00