[PATCH 0/2] usb: fix hub_configure() error handling

From: Krzysztof Mazur
Date: Tue Aug 20 2013 - 13:34:57 EST


Hi,

this series fixes hub_configure() error handling that causes hub->ports[i]
NULL pointer dereferences that were previously reported at:

"[PATCH] Prevent USB hub remove oops"
http://marc.info/?l=linux-kernel&m=136189072520909&w=4
https://bugzilla.redhat.com/show_bug.cgi?id=926907

This bug still exists in 3.11-rc6 and I've got an Oops during startup
caused by hub->ports[i] dereference in hub_quiesce().

The first patch implements what Alan Stern suggested in the
"[PATCH] Prevent USB hub remove oops" thread:
"All of these problems can be fixed in hub_configure by setting
hub->maxchild to the total number of allocated ports (or 0 if hub_ports
can't be allocated)."
http://marc.info/?l=linux-usb&m=136189486922963&w=4

The second patch uses a slightly different approach because some
users ignore hub->maxchild and use hub->descriptor->bNbrPorts.

Krzysiek

Krzysztof Mazur (2):
  usb: fix cleanup after failure in hub_configure()
  usb: fail on usb_hub_create_port_device() errors

 drivers/usb/core/hub.c | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

--
1.8.4.rc1.409.gbd48715
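
The bookkeeping rule quoted in the cover letter above, modelled in userspace C as an added example (not code from these patches or from hub.c; every struct and function name is hypothetical). It shows a teardown loop bounded by maxchild staying safe after a partial failure, and counts the NULL slots that a loop bounded by the advertised port count would still reach.

```c
#include <stdlib.h>
/* Userspace model only; every name below is hypothetical, not from hub.c. */
struct model_port { int id; };
struct model_hub {
    int nbr_ports;              /* advertised count (bNbrPorts in the letter) */
    int maxchild;               /* how many ports[] entries are valid */
    struct model_port **ports;
};

/* fail_at >= 0 simulates port creation failing at that index. */
int model_hub_configure(struct model_hub *hub, int nbr_ports, int fail_at)
{
    int i;
    hub->nbr_ports = nbr_ports;
    hub->maxchild = 0;          /* stays 0 if the array cannot be allocated */
    hub->ports = calloc(nbr_ports, sizeof(*hub->ports));
    if (!hub->ports)
        return -1;
    for (i = 0; i < nbr_ports && i != fail_at; i++) {
        hub->ports[i] = calloc(1, sizeof(**hub->ports));
        if (!hub->ports[i])
            break;
    }
    hub->maxchild = i;          /* only the ports that really exist */
    return i == nbr_ports ? 0 : -1;
}

/* NULL slots that a loop bounded by the advertised count would dereference. */
int model_null_slots(const struct model_hub *hub)
{
    int i, n = 0;
    for (i = 0; hub->ports && i < hub->nbr_ports; i++)
        n += hub->ports[i] == NULL;
    return n;
}

/* Teardown bounded by maxchild; returns how many ports it touched. */
int model_hub_disconnect(struct model_hub *hub)
{
    int i;
    for (i = 0; i < hub->maxchild; i++) {
        hub->ports[i]->id = 0;  /* safe: every index below maxchild is set */
        free(hub->ports[i]);
    }
    free(hub->ports);
    hub->ports = NULL;
    hub->maxchild = 0;
    return i;
}
```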
