redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers/usb
History
Alan Stern e50293ef97 USB: fix invalid memory access in hub_activate() 
Commit 8520f38099 ("USB: change hub initialization sleeps to
delayed_work") changed the hub_activate() routine to make part of it
run in a workqueue.  However, the commit failed to take a reference to
the usb_hub structure or to lock the hub interface while doing so.  As
a result, if a hub is plugged in and quickly unplugged before the work
routine can run, the routine will try to access memory that has been
deallocated.  Or, if the hub is unplugged while the routine is
running, the memory may be deallocated while it is in active use.

This patch fixes the problem by taking a reference to the usb_hub at
the start of hub_activate() and releasing it at the end (when the work
is finished), and by locking the hub interface while the work routine
is running.  It also adds a check at the start of the routine to see
if the hub has already been disconnected, in which nothing should be
done.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Alexandru Cornea <alexandru.cornea@intel.com>
Tested-by: Alexandru Cornea <alexandru.cornea@intel.com>
Fixes: 8520f38099 ("USB: change hub initialization sleeps to delayed_work")
CC: <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2015-12-18 09:30:34 -08:00
..
atm USB: atm: cxacru: fix blank line after declaration 2015-07-22 14:55:22 -07:00
c67x00 c67x00-hcd: use USB_DT_HUB 2015-04-03 19:03:16 +02:00
chipidea usb: chipidea: imx: fix a possible NULL dereference 2015-11-18 15:27:31 +08:00
class USB: cdc_acm: Ignore Infineon Flash Loader utility 2015-11-23 10:31:05 +01:00
common usb: common: of_usb_get_dr_mode to usb_get_dr_mode 2015-09-27 10:54:31 -05:00
core USB: fix invalid memory access in hub_activate() 2015-12-18 09:30:34 -08:00
dwc2 usb: dwc2: fix kernel oops during driver probe 2015-11-20 09:29:47 -06:00
dwc3 usb: dwc3: gadget: don't prestart interrupt endpoints 2015-11-30 15:35:14 -06:00
early
gadget usb: gadget: uvc: fix permissions of configfs attributes 2015-12-08 08:53:43 -06:00
host xhci: fix usb2 resume timing and races. 2015-12-11 15:40:51 -08:00
image scsi: Do not set cmd_per_lun to 1 in the host template 2015-05-31 18:06:28 -07:00
isp1760 usb: isp1760: udc: add ep capabilities support 2015-08-04 12:26:55 -05:00
misc usb: misc: usb3503: Use i2c_add_driver helper macro 2015-10-24 19:53:53 -07:00
mon USB: mon_stat.c: move assignment out of if () block 2015-05-10 16:01:11 +02:00
musb usb: musb: fail with error when no DMA controller set 2015-12-09 09:36:03 -06:00
phy usb: phy: msm: fix a possible NULL dereference 2015-12-08 08:13:28 -06:00
renesas_usbhs usb: renesas_usbhs: gadget: Fix NULL pointer dereference in usbhsg_ep_dequeue() 2015-11-19 14:48:48 -06:00
serial USB: ipaq.c: fix a timeout loop 2015-12-18 09:30:34 -08:00
storage usb-storage: Fix scsi-sd failure "Invalid field in cdb" for USB adapter JMicron 2015-12-01 10:23:33 -08:00
usbip usbip: vhci_hcd: at unlink, return -EIDRM if vhci_rx took the urb 2015-10-04 10:59:03 +01:00
wusbcore wusbcore: rh: use USB_DT_HUB 2015-04-03 19:03:15 +02:00
Kconfig usb: isp1760: Move driver from drivers/usb/host/ to drivers/usb/isp1760/ 2015-01-27 09:39:38 -06:00
Makefile usb-host: Remove fusbh200 driver 2015-10-16 23:44:33 -07:00
README usb: hub: rename khubd to hub_wq in documentation and comments 2014-09-23 22:33:19 -07:00
usb-skeleton.c

README 

To understand all the Linux-USB framework, you'll use these resources:

    * This source code.  This is necessarily an evolving work, and
      includes kerneldoc that should help you get a current overview.
      ("make pdfdocs", and then look at "usb.pdf" for host side and
      "gadget.pdf" for peripheral side.)  Also, Documentation/usb has
      more information.

    * The USB 2.0 specification (from www.usb.org), with supplements
      such as those for USB OTG and the various device classes.
      The USB specification has a good overview chapter, and USB
      peripherals conform to the widely known "Chapter 9".

    * Chip specifications for USB controllers.  Examples include
      host controllers (on PCs, servers, and more); peripheral
      controllers (in devices with Linux firmware, like printers or
      cell phones); and hard-wired peripherals like Ethernet adapters.

    * Specifications for other protocols implemented by USB peripheral
      functions.  Some are vendor-specific; others are vendor-neutral
      but just standardized outside of the www.usb.org team.

Here is a list of what each subdirectory here is, and what is contained in
them.

core/		- This is for the core USB host code, including the
		  usbfs files and the hub class driver ("hub_wq").

host/		- This is for USB host controller drivers.  This
		  includes UHCI, OHCI, EHCI, and others that might
		  be used with more specialized "embedded" systems.

gadget/		- This is for USB peripheral controller drivers and
		  the various gadget drivers which talk to them.


Individual USB driver directories.  A new driver should be added to the
first subdirectory in the list below that it fits into.

image/		- This is for still image drivers, like scanners or
		  digital cameras.
../input/	- This is for any driver that uses the input subsystem,
		  like keyboard, mice, touchscreens, tablets, etc.
../media/	- This is for multimedia drivers, like video cameras,
		  radios, and any other drivers that talk to the v4l
		  subsystem.
../net/		- This is for network drivers.
serial/		- This is for USB to serial drivers.
storage/	- This is for USB mass-storage drivers.
class/		- This is for all USB device drivers that do not fit
		  into any of the above categories, and work for a range
		  of USB Class specified devices. 
misc/		- This is for all USB device drivers that do not fit
		  into any of the above categories.