linux/drivers/usb/gadget/function
Marek Szyprowski c9287fa657 usb: gadget: u_ether: fix unsafe list iteration
list_for_each_entry_safe() is not safe for deleting entries from the
list if the spin lock, which protects it, is released and reacquired during
the list iteration. Fix this issue by replacing this construction with
a simple check if the list is empty and removing the first entry in each
iteration. This is almost equivalent to a revert of the commit mentioned in
the Fixes: tag.

This patch fixes the following issue:
--->8---
Unable to handle kernel NULL pointer dereference at virtual address 00000104
pgd = (ptrval)
[00000104] *pgd=00000000
Internal error: Oops: 817 [#1] PREEMPT SMP ARM
Modules linked in:
CPU: 1 PID: 84 Comm: kworker/1:1 Not tainted 4.20.0-rc2-next-20181114-00009-g8266b35ec404 #1061
Hardware name: SAMSUNG EXYNOS (Flattened Device Tree)
Workqueue: events eth_work
PC is at rx_fill+0x60/0xac
LR is at _raw_spin_lock_irqsave+0x50/0x5c
pc : [<c065fee0>]    lr : [<c0a056b8>]    psr: 80000093
sp : ee7fbee8  ip : 00000100  fp : 00000000
r10: 006000c0  r9 : c10b0ab0  r8 : ee7eb5c0
r7 : ee7eb614  r6 : ee7eb5ec  r5 : 000000dc  r4 : ee12ac00
r3 : ee12ac24  r2 : 00000200  r1 : 60000013  r0 : ee7eb5ec
Flags: Nzcv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 10c5387d  Table: 6d5dc04a  DAC: 00000051
Process kworker/1:1 (pid: 84, stack limit = 0x(ptrval))
Stack: (0xee7fbee8 to 0xee7fc000)
...
[<c065fee0>] (rx_fill) from [<c0143b7c>] (process_one_work+0x200/0x738)
[<c0143b7c>] (process_one_work) from [<c0144118>] (worker_thread+0x2c/0x4c8)
[<c0144118>] (worker_thread) from [<c014a8a4>] (kthread+0x128/0x164)
[<c014a8a4>] (kthread) from [<c01010b4>] (ret_from_fork+0x14/0x20)
Exception stack(0xee7fbfb0 to 0xee7fbff8)
...
---[ end trace 64480bc835eba7d6 ]---

Fixes: fea14e68ff ("usb: gadget: u_ether: use better list accessors")
Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Signed-off-by: Felipe Balbi <felipe.balbi@linux.intel.com>
2018-11-28 08:46:26 +02:00
f_acm.c A couple of configfs cleanups: 2017-11-14 14:44:04 -08:00
f_ecm.c usb: gadget: f_ecm: fix host mac address for multiple instances 2018-05-15 10:17:18 +03:00
f_eem.c net: drivers/net: Remove unnecessary skb_copy_expand OOM messages 2018-03-15 14:28:03 -04:00
f_fs.c Revert "usb: gadget: ffs: Fix BUG when userland exits with submitted AIO transfers" 2018-11-14 11:15:13 +02:00
f_hid.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
f_loopback.c A couple of configfs cleanups: 2017-11-14 14:44:04 -08:00
f_mass_storage.c Merge branch 'siginfo-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2018-10-24 11:22:39 +01:00
f_mass_storage.h usb: gadget: storage: Remove reference counting 2018-07-26 13:55:39 +03:00
f_midi.c - Introduce arithmetic overflow test helper functions (Rasmus) 2018-06-06 17:27:14 -07:00
f_ncm.c usb/gadget/NCM: Replace tasklet with softirq hrtimer 2018-01-16 09:51:23 +01:00
f_obex.c A couple of configfs cleanups: 2017-11-14 14:44:04 -08:00
f_phonet.c usb: gadget: f_phonet: fix pn_net_xmit()'s return type 2018-05-21 10:36:14 +03:00
f_printer.c usb: gadget: function: printer: avoid wrong list handling in printer_write() 2018-05-24 18:14:28 +02:00
f_rndis.c A couple of configfs cleanups: 2017-11-14 14:44:04 -08:00
f_serial.c A couple of configfs cleanups: 2017-11-14 14:44:04 -08:00
f_sourcesink.c A couple of configfs cleanups: 2017-11-14 14:44:04 -08:00
f_subset.c A couple of configfs cleanups: 2017-11-14 14:44:04 -08:00
f_tcm.c scsi: target: loop, usb, vhost, xen: use target_remove_session 2018-08-02 15:29:31 -04:00
f_uac1.c A couple of configfs cleanups: 2017-11-14 14:44:04 -08:00
f_uac1_legacy.c usb: Remove Blackfin references in USB support 2018-03-26 15:57:16 +02:00
f_uac2.c usb: gadget: f_uac2: disable IN/OUT ep if unused 2018-10-02 10:45:36 +03:00
f_uvc.c usb: gadget: uvc: Remove uvc_set_trace_param() function 2018-09-25 18:48:07 +03:00
f_uvc.h usb: gadget: uvc: Minimize #include in headers 2018-07-26 13:33:44 +03:00
g_zero.h
Makefile
ndis.h
rndis.c USB: rndis: Fix for handling garbled messages 2018-05-15 10:24:28 +03:00
rndis.h
storage_common.c
storage_common.h
tcm.h
u_audio.c usb: gadget: u_audio: protect stream runtime fields with stream spinlock 2018-07-17 10:12:51 +03:00
u_audio.h
u_ecm.h
u_eem.h
u_ether.c usb: gadget: u_ether: fix unsafe list iteration 2018-11-28 08:46:26 +02:00
u_ether.h
u_ether_configfs.h
u_fs.h
u_gether.h
u_hid.h
u_midi.h
u_ncm.h
u_phonet.h
u_printer.h
u_rndis.h
u_serial.c usb: gadget: u_serial: Use kfifo instead of homemade circular buffer 2017-12-11 12:36:50 +02:00
u_serial.h
u_tcm.h
u_uac1.h
u_uac1_legacy.c usb: Remove Blackfin references in USB support 2018-03-26 15:57:16 +02:00
u_uac1_legacy.h usb: Remove Blackfin references in USB support 2018-03-26 15:57:16 +02:00
u_uac2.h
u_uvc.h usb: gadget: uvc: configfs: Add interface number attributes 2018-09-24 18:54:26 +03:00
uvc.h usb: gadget: uvc: Replace plain printk() with dev_*() 2018-09-25 18:41:00 +03:00
uvc_configfs.c usb: gadget: uvc: configfs: Use %u to print unsigned int values 2018-09-25 18:48:10 +03:00
uvc_configfs.h
uvc_queue.c media: videobuf2-v4l2: integrate with media requests 2018-08-31 11:19:30 -04:00
uvc_queue.h usb: gadget: uvc: Minimize #include in headers 2018-07-26 13:33:44 +03:00
uvc_v4l2.c usb: gadget: uvc: Replace plain printk() with dev_*() 2018-09-25 18:41:00 +03:00
uvc_v4l2.h
uvc_video.c usb: gadget: uvc: Replace plain printk() with dev_*() 2018-09-25 18:41:00 +03:00
uvc_video.h usb: gadget: uvc: Replace plain printk() with dev_*() 2018-09-25 18:41:00 +03:00