korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-17 01:04:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
5c1b97c7d7
linux/drivers/usb/gadget
History
Daehwan Jung aaaba1c86d usb: gadget: rndis: add spinlock for rndis response list 
There's no lock for rndis response list. It could cause list corruption
if there're two different list_add at the same time like below.
It's better to add in rndis_add_response / rndis_free_response
/ rndis_get_next_response to prevent any race condition on response list.

[  361.894299] [1:   irq/191-dwc3:16979] list_add corruption.
next->prev should be prev (ffffff80651764d0),
but was ffffff883dc36f80. (next=ffffff80651764d0).

[  361.904380] [1:   irq/191-dwc3:16979] Call trace:
[  361.904391] [1:   irq/191-dwc3:16979]  __list_add_valid+0x74/0x90
[  361.904401] [1:   irq/191-dwc3:16979]  rndis_msg_parser+0x168/0x8c0
[  361.904409] [1:   irq/191-dwc3:16979]  rndis_command_complete+0x24/0x84
[  361.904417] [1:   irq/191-dwc3:16979]  usb_gadget_giveback_request+0x20/0xe4
[  361.904426] [1:   irq/191-dwc3:16979]  dwc3_gadget_giveback+0x44/0x60
[  361.904434] [1:   irq/191-dwc3:16979]  dwc3_ep0_complete_data+0x1e8/0x3a0
[  361.904442] [1:   irq/191-dwc3:16979]  dwc3_ep0_interrupt+0x29c/0x3dc
[  361.904450] [1:   irq/191-dwc3:16979]  dwc3_process_event_entry+0x78/0x6cc
[  361.904457] [1:   irq/191-dwc3:16979]  dwc3_process_event_buf+0xa0/0x1ec
[  361.904465] [1:   irq/191-dwc3:16979]  dwc3_thread_interrupt+0x34/0x5c

Fixes: f6281af9d6 ("usb: gadget: rndis: use list_for_each_entry_safe")
Cc: stable <stable@kernel.org>
Signed-off-by: Daehwan Jung <dh10.jung@samsung.com>
Link: https://lore.kernel.org/r/1645507768-77687-1-git-send-email-dh10.jung@samsung.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-02-24 11:16:57 +01:00
..
function usb: gadget: rndis: add spinlock for rndis response list 2022-02-24 11:16:57 +01:00
legacy usb: raw-gadget: fix handling of dual-direction-capable endpoints 2022-01-31 14:22:49 +01:00
udc USB: gadget: validate endpoint index for xilinx udc 2022-02-24 11:00:07 +01:00
composite.c USB: gadget: validate interface OS descriptor requests 2022-02-11 10:59:12 +01:00
config.c usb: fix various gadget panics on 10gbps cabling 2021-06-09 10:40:08 +02:00
configfs.c usb: gadget: configfs: use to_usb_function_instance() in cfg (un)link func 2021-11-23 14:12:48 +01:00
configfs.h
epautoconf.c usb: gadget: fix for a typo that conveys logically-inverted information. 2021-09-14 10:27:54 +02:00
functions.c
Kconfig usb: gadget: uvc: add scatter gather support 2021-07-27 15:59:19 +02:00
Makefile Revert "usb:gadget Separated decoding functions from dwc3 driver." 2019-07-04 13:02:09 +02:00
u_f.c
u_f.h USB: gadget: u_f: Unbreak offset calculation in VLAs 2020-08-27 09:25:06 +02:00
u_os_desc.h
usbstring.c usb: gadget: fix langid kernel-doc warning in usbstring.c 2020-07-09 10:13:07 +03:00