mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-12 21:57:43 +00:00
Code Issues Releases Wiki Activity
linux-stable/drivers/usb/core
History
M. Vefa Bicakci 4df30e7603 usbcore/driver: Fix incorrect downcast 
This commit resolves a minor bug in the selection/discovery of more
specific USB device drivers for devices that are currently bound to
generic USB device drivers.

The bug is related to the way a candidate USB device driver is
compared against the generic USB device driver. The code in
is_dev_usb_generic_driver() assumes that the device driver in question
is a USB device driver by calling to_usb_device_driver(dev->driver)
to downcast; however I have observed that this assumption is not always
true, through code instrumentation.

This commit avoids the incorrect downcast altogether by comparing
the USB device's driver (i.e., dev->driver) to the generic USB
device driver directly. This method was suggested by Alan Stern.

This bug was found while investigating Andrey Konovalov's report
indicating usbip device driver misbehaviour with the recently merged
generic USB device driver selection feature. The report is linked
below.

Fixes: d5643d2249 ("USB: Fix device driver race")
Cc: <stable@vger.kernel.org> # 5.8
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: Bastien Nocera <hadess@hadess.net>
Cc: Shuah Khan <shuah@kernel.org>
Cc: Valentina Manea <valentina.manea.m@gmail.com>
Cc: <syzkaller@googlegroups.com>
Tested-by: Andrey Konovalov <andreyknvl@google.com>
Signed-off-by: M. Vefa Bicakci <m.v.b@runbox.com>
Link: https://lore.kernel.org/r/20200922110703.720960-4-m.v.b@runbox.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-09-25 16:53:02 +02:00
..
buffer.c usb: add a hcd_uses_dma helper 2019-08-15 15:18:05 +02:00
config.c usb: Use fallthrough pseudo-keyword 2020-07-10 08:55:17 +02:00
devices.c USB: core: additional Device Classes to debug/usb/devices 2020-06-18 10:02:58 +02:00
devio.c usb: usbfs: stop using compat_alloc_user_space 2020-07-22 13:13:22 +02:00
driver.c usbcore/driver: Fix incorrect downcast 2020-09-25 16:53:02 +02:00
endpoint.c
file.c USB: core: Fix races in character device registration and deregistraion 2019-08-12 22:47:24 +02:00
generic.c USB: Also match device drivers using the ->match vfunc 2020-08-18 13:08:45 +02:00
hcd-pci.c usb: hcd: Fix use after free in usb_hcd_pci_remove() 2020-08-18 12:09:52 +02:00
hcd.c usb: Use fallthrough pseudo-keyword 2020-07-10 08:55:17 +02:00
hub.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
hub.h USB: core: Use the correct style for SPDX License Identifier 2020-04-16 14:32:45 +02:00
Kconfig USB: OTG: rename product list of devices 2020-06-19 08:58:55 +02:00
ledtrig-usbport.c usb: core: ledtrig-usbport: Demote obvious misuse of kerneldoc to standard comment blocks 2020-07-09 16:46:57 +02:00
Makefile
message.c usb: Fix out of sync data toggle if a configured device is reconfigured 2020-09-04 16:41:22 +02:00
notify.c USB: core: Remove usbfs_mutex 2019-06-26 10:28:09 +08:00
of.c drivers: usb: Fix trivial spelling 2020-06-18 10:13:16 +02:00
otg_productlist.h USB: OTG: rename product list of devices 2020-06-19 08:58:55 +02:00
phy.c usb: core: phy: add support for PHY calibration 2019-09-03 15:54:55 +02:00
phy.h usb: core: phy: add support for PHY calibration 2019-09-03 15:54:55 +02:00
port.c usb: core: port: do error out if usb_autopm_get_interface() fails 2020-03-04 10:58:16 +01:00
quirks.c USB: quirks: Add USB_QUIRK_IGNORE_REMOTE_WAKEUP quirk for BYD zhaoxin notebook 2020-09-16 13:08:18 +02:00
sysfs.c usb: core: fix slab-out-of-bounds Read in read_descriptors 2020-09-04 16:41:22 +02:00
urb.c usb: Use fallthrough pseudo-keyword 2020-07-10 08:55:17 +02:00
usb-acpi.c usb: core: Use ACPI_SUCCESS() at appropriate places 2020-02-19 11:08:52 +01:00
usb.c USB: Fix up terminology 2020-07-01 14:04:04 +02:00
usb.h USB: rename USB quirk to USB_QUIRK_ENDPOINT_IGNORE 2020-06-19 08:58:37 +02:00