android_kernel_google_msm/drivers/usb/host
AMAN DEEP f30647cf09 usb: xhci: Bugfix for NULL pointer deference in xhci_endpoint_init() function
commit 3496810663922617d4b706ef2780c279252ddd6a upstream.

virt_dev->num_cached_rings counts on freed ring and is not updated
correctly. In xhci_free_or_cache_endpoint_ring() function, the free ring
is added into cache and then num_rings_cache is incremented as below:
		virt_dev->ring_cache[rings_cached] =
			virt_dev->eps[ep_index].ring;
		virt_dev->num_rings_cached++;
Here, free ring pointer is added to a current index and then
index is incremented.
So current index always points to empty location in the ring cache.
For getting available free ring, current index should be decremented
first and then corresponding ring buffer value should be taken from ring
cache.

But in function xhci_endpoint_init(), the num_rings_cached index is
accessed before decrement.
		virt_dev->eps[ep_index].new_ring =
			virt_dev->ring_cache[virt_dev->num_rings_cached];
		virt_dev->ring_cache[virt_dev->num_rings_cached] = NULL;
		virt_dev->num_rings_cached--;
This is a bug in manipulating the index of ring cache.
And it should be as below:
		virt_dev->num_rings_cached--;
		virt_dev->eps[ep_index].new_ring =
			virt_dev->ring_cache[virt_dev->num_rings_cached];
		virt_dev->ring_cache[virt_dev->num_rings_cached] = NULL;

Signed-off-by: Aman Deep <aman.deep@samsung.com>
Signed-off-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Zefan Li <lizefan@huawei.com>
2016-03-21 09:17:46 +08:00
whci Merge branch 'for-next/dwc3' of git://git.kernel.org/pub/scm/linux/kernel/git/balbi/usb into usb-next 2011-12-12 15:19:53 -08:00
alchemy-common.c MIPS: Alchemy: Au1300 SoC support 2011-12-07 22:02:05 +00:00
ehci-atmel.c USB: ehci-atmel: add needed of.h header file 2012-04-04 18:35:43 +02:00
ehci-au1xxx.c usb: Remove ehci_reset call from ehci_run 2011-12-08 09:38:53 -08:00
ehci-cns3xxx.c
ehci-dbg.c simple_open: automatically convert to simple_open() 2012-04-05 15:25:50 -07:00
ehci-fsl.c USB: ehci-fsl: Fix kernel crash on mpc5121e 2012-04-18 14:13:52 -07:00
ehci-fsl.h Revert "powerpc/usb: fix issue of CPU halt when missing USB PHY clock" 2012-03-02 16:08:54 -08:00
ehci-grlib.c
ehci-hcd.c USB: fix PS3 EHCI systems 2012-06-22 11:37:13 -07:00
ehci-hub.c USB: EHCI: fix timer bug affecting port resume 2013-02-11 08:47:19 -08:00
ehci-ixp4xx.c
ehci-lpm.c
ehci-ls1x.c USB: Add EHCI bus glue for Loongson1x SoCs (UPDATED) 2012-01-24 15:28:02 -08:00
ehci-mem.c
ehci-msm.c usb: otg: Convert all users to pass struct usb_otg for OTG functions 2012-02-27 15:41:52 +02:00
ehci-mv.c usb: otg: Convert all users to pass struct usb_otg for OTG functions 2012-02-27 15:41:52 +02:00
ehci-mxc.c usb: ehci-mxc: check for pdata before dereferencing 2013-09-26 17:15:32 -07:00
ehci-octeon.c usb: Remove ehci_reset call from ehci_run 2011-12-08 09:38:53 -08:00
ehci-omap.c USB: ehci-omap: Fix autoloading of module 2013-02-28 06:59:06 -08:00
ehci-orion.c ARM: Orion: Get address map from plat-orion instead of via platform_data 2011-12-13 18:46:55 -05:00
ehci-pci.c USB: fix PM config symbol in uhci-hcd, ehci-hcd, and xhci-hcd 2014-04-14 06:44:27 -07:00
ehci-platform.c USB: ehci-platform: remove update_device 2012-06-01 15:18:21 +08:00
ehci-pmcmsp.c
ehci-ppc-of.c
ehci-ps3.c usb: PS3 EHCI HC reset work-around 2011-12-08 09:38:53 -08:00
ehci-q.c USB: EHCI: bugfix: urb->hcpriv should not be NULL 2014-04-14 06:44:22 -07:00
ehci-s5p.c USB: ehci-s5p: add DMA burst support 2012-03-08 13:05:47 -08:00
ehci-sched.c USB: EHCI: bugfix: urb->hcpriv should not be NULL 2014-04-14 06:44:22 -07:00
ehci-sh.c USB: irq: Remove IRQF_DISABLED 2011-09-18 01:39:36 -07:00
ehci-spear.c USB: ehci-spear: Add PM support 2012-02-24 13:40:04 -08:00
ehci-sysfs.c
ehci-tegra.c USB: ehci-tegra: remove redundant gpio_set_value 2012-05-01 14:11:51 -04:00
ehci-vt8500.c usb: Remove ehci_reset call from ehci_run 2011-12-08 09:38:53 -08:00
ehci-w90x900.c usb: Remove ehci_reset call from ehci_run 2011-12-08 09:38:53 -08:00
ehci-xilinx-of.c USB: EHCI: Don't use NO_IRQ in xilinx ehci driver 2012-01-16 08:23:15 +01:00
ehci-xls.c Merge 3.2-rc3 into usb-linus 2011-11-26 19:46:48 -08:00
ehci.h EHCI: keep track of ports being resumed and indicate in hub_status_data 2012-04-09 15:43:21 -07:00
fhci-dbg.c
fhci-hcd.c usb: convert drivers/usb/* to use module_platform_driver() 2011-11-28 06:48:32 +09:00
fhci-hub.c
fhci-mem.c
fhci-q.c
fhci-sched.c QE/FHCI: fixed the CONTROL bug 2011-10-18 13:51:34 -07:00
fhci-tds.c
fhci.h
fsl-mph-dr-of.c usb: Fix build error due to dma_mask is not at pdev_archdata at ARM 2012-02-24 13:37:44 -08:00
hwa-hc.c Merge branch 'usb-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb 2012-01-09 12:09:47 -08:00
imx21-dbg.c usb: Fix typo in imx21-dbg.c 2012-02-13 14:32:34 -08:00
imx21-hcd.c Merge branch 'usb-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb 2012-01-09 12:09:47 -08:00
imx21-hcd.h
isp116x-hcd.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
isp116x.h
isp1362-hcd.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
isp1362.h
isp1760-hcd.c USB: add flag for HCDs that can't receive wakeup requests (isp1760-hcd) 2015-06-19 11:40:13 +08:00
isp1760-hcd.h usb/isp1760: Allow to optionally trigger low-level chip reset via GPIOLIB. 2011-10-19 13:29:06 -07:00
isp1760-if.c Merge branch 'usb-next' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb 2012-01-09 12:09:47 -08:00
Kconfig USB: use generic platform driver on ath79 2012-03-15 12:45:43 -07:00
Makefile usb: host: xhci: add platform driver support 2012-03-13 10:30:59 -07:00
octeon2-common.c
ohci-at91.c USB: ohci-at91: fix null pointer in ohci_hcd_at91_overcurrent_irq 2012-10-02 10:30:48 -07:00
ohci-au1xxx.c Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2012-01-14 13:05:21 -08:00
ohci-cns3xxx.c
ohci-da8xx.c USB: irq: Remove IRQF_DISABLED 2011-09-18 01:39:36 -07:00
ohci-dbg.c USB: OHCI: fix new compiler warnings 2012-01-24 12:24:06 -08:00
ohci-ep93xx.c OHCI: remove uses of hcd->state 2011-11-18 10:51:00 -08:00
ohci-exynos.c USB: ohci-exynos: replace hcd->state with ohci->rh_state 2012-02-24 13:40:04 -08:00
ohci-hcd.c Disintegrate and delete asm/system.h 2012-03-28 15:58:21 -07:00
ohci-hub.c OHCI: remove uses of hcd->state 2011-11-18 10:51:00 -08:00
ohci-jz4740.c
ohci-mem.c
ohci-nxp.c USB: ohci-nxp: Remove i2c_write(), use smbus 2012-03-13 14:27:28 -07:00
ohci-octeon.c USB: irq: Remove IRQF_DISABLED 2011-09-18 01:39:36 -07:00
ohci-omap.c usb: otg: Convert all users to pass struct usb_otg for OTG functions 2012-02-27 15:41:52 +02:00
ohci-omap3.c ARM: OMAP: USBHOST: Replace usbhs core driver APIs by Runtime pm APIs 2011-12-16 04:29:57 -07:00
ohci-pci.c USB: OHCI: Allow runtime PM without system sleep 2014-04-14 06:44:27 -07:00
ohci-platform.c USB: OHCI: Add a generic platform device driver 2012-03-15 12:41:58 -07:00
ohci-pnx8550.c USB: irq: Remove IRQF_DISABLED 2011-09-18 01:39:36 -07:00
ohci-ppc-of.c USB: irq: Remove IRQF_DISABLED 2011-09-18 01:39:36 -07:00
ohci-ppc-soc.c USB: irq: Remove IRQF_DISABLED 2011-09-18 01:39:36 -07:00
ohci-ps3.c USB: irq: Remove IRQF_DISABLED 2011-09-18 01:39:36 -07:00
ohci-pxa27x.c USB: ohci-pxa27x: add clk_prepare/clk_unprepare calls 2012-03-15 13:46:54 -07:00
ohci-q.c USB: OHCI: workaround for hardware bug: retired TDs not added to the Done Queue 2012-12-17 10:37:46 -08:00
ohci-s3c2410.c USB: ohci-s3c2410: add PM support 2011-11-30 20:08:26 +09:00
ohci-sa1111.c USB: sa1111: add hcd .reset method 2012-03-24 11:30:14 +00:00
ohci-sh.c OHCI: remove uses of hcd->state 2011-11-18 10:51:00 -08:00
ohci-sm501.c OHCI: remove uses of hcd->state 2011-11-18 10:51:00 -08:00
ohci-spear.c OHCI: remove uses of hcd->state 2011-11-18 10:51:00 -08:00
ohci-ssb.c USB: irq: Remove IRQF_DISABLED 2011-09-18 01:39:36 -07:00
ohci-tmio.c OHCI: remove uses of hcd->state 2011-11-18 10:51:00 -08:00
ohci-xls.c usb: OHCI/EHCI-XLS: Use resource_size v3 2011-11-15 10:21:56 -08:00
ohci.h usb: otg: Rename otg_transceiver to usb_phy 2012-02-13 13:34:36 +02:00
oxu210hp-hcd.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
oxu210hp.h
pci-quirks.c OHCI: add a quirk for ULi M5237 blocking on reset 2015-04-14 17:33:52 +08:00
pci-quirks.h usb: host: xhci: fix compilation error for non-PCI based stacks 2012-10-02 10:30:21 -07:00
r8a66597-hcd.c usb: r8a66597-hcd: Convert to module_platform_driver 2012-03-02 16:20:29 -08:00
r8a66597.h
sl811-hcd.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
sl811.h
sl811_cs.c
u132-hcd.c Remove all #inclusions of asm/system.h 2012-03-28 18:30:03 +01:00
uhci-debug.c
uhci-grlib.c
uhci-hcd.c USB: UHCI: fix IRQ race during initialization 2013-01-27 20:47:43 -08:00
uhci-hcd.h
uhci-hub.c USB: UHCI: fix for suspend of virtual HP controller 2013-06-07 12:49:12 -07:00
uhci-pci.c USB: fix PM config symbol in uhci-hcd, ehci-hcd, and xhci-hcd 2014-04-14 06:44:27 -07:00
uhci-q.c usb: fix number of mapped SG DMA entries 2011-12-09 16:18:19 -08:00
xhci-dbg.c xHCI: correct to print the true HSEE of USBCMD 2012-04-10 15:21:52 -07:00
xhci-ext-caps.h xHCI: Correct the #define XHCI_LEGACY_DISABLE_SMI 2012-04-11 08:31:06 -07:00
xhci-hub.c usb: xhci: handle Config Error Change (CEC) in xhci driver 2015-06-19 11:40:30 +08:00
xhci-mem.c usb: xhci: Bugfix for NULL pointer deference in xhci_endpoint_init() function 2016-03-21 09:17:46 +08:00
xhci-pci.c usb: xhci: apply XHCI_AVOID_BEI quirk to all Intel xHCI controllers 2015-06-19 11:40:30 +08:00
xhci-plat.c xhci-plat: Don't enable legacy PCI interrupts. 2013-09-26 17:15:30 -07:00
xhci-ring.c xhci: gracefully handle xhci_irq dead device 2015-09-18 09:20:39 +08:00
xhci.c usb: xhci: rework root port wake bits if controller isn't allowed to wakeup 2015-04-14 17:33:37 +08:00
xhci.h xhci: Solve full event ring by increasing TRBS_PER_SEGMENT to 256 2015-09-18 09:20:38 +08:00