Re: [PATCH] usb: xhci-mtk: Do not use xhci's virt_dev in drop_endpoint

From: Chunfeng Yun (云春峰)
Date: Thu Aug 19 2021 - 07:57:22 EST


Hi Greg,

On Thu, 2021-08-05 at 13:37 +0800, Ikjoon Jang wrote:
> xhci-mtk depends on xhci's internal virt_dev when it retrieves its
> internal data from usb_host_endpoint both in add_endpoint and
> drop_endpoint callbacks. But when setup packet was retired by
> transaction errors in xhci_setup_device() path, a virt_dev for the slot
> is newly created with real_port 0. This leads to xhci-mtk's NULL pointer
> dereference from drop_endpoint callback as xhci-mtk assumes that
> virt_dev's real_port is always started from one. The similar problems
> were addressed by [1] but that can't cover the failure cases from
> setup_device.
>
> This patch drops the usages of xhci's virt_dev in xhci-mtk's
> drop_endpoint callback by adopting rhashtable for searching mtk's
> schedule entity from a given usb_host_endpoint pointer instead of
> searching a linked list. So mtk's drop_endpoint callback doesn't have
> to rely on virt_dev at all.
>
> [1]
> https://lore.kernel.org/r/1617179142-2681-2-git-send-email-chunfeng.yun@xxxxxxxxxxxx
>
> Signed-off-by: Ikjoon Jang <ikjn@xxxxxxxxxxxx>
> ---
>
> drivers/usb/host/xhci-mtk-sch.c | 140 ++++++++++++++++++----------
> ----
> drivers/usb/host/xhci-mtk.h | 15 ++--
> 2 files changed, 86 insertions(+), 69 deletions(-)
>
> diff --git a/drivers/usb/host/xhci-mtk-sch.c b/drivers/usb/host/xhci-
> mtk-sch.c
> index cffcaf4dfa9f..f9b4d27ce449 100644
> --- a/drivers/usb/host/xhci-mtk-sch.c
> +++ b/drivers/usb/host/xhci-mtk-sch.c
>

I see the patch is already in the usb-next branch, but after testing it
I found some new bugs it introduced (one NULL pointer dereference oops,
two memory leaks due to no error handling).
What do I need to do? Revert this patch and then send a new version, or
just send fix patches?

Thanks
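
The lookup change described in the quoted commit message, as an added user-space C model that is not part of this thread or of the xhci-mtk driver: a drop path keyed by the endpoint pointer still finds its entry after the virt_dev has been re-created with real_port 0. All names here are hypothetical, a small open-addressing table stands in for the kernel's rhashtable, and the `real_port - 1` array index is an assumption about how a port-derived lookup goes wrong.

```c
#include <stddef.h>
#include <stdint.h>
#define NPORTS   4
#define NBUCKETS 16                      /* power of two, for cheap masking */
enum { EMPTY = 0, LIVE, TOMB };
struct endpoint { int addr; };           /* stand-in for usb_host_endpoint */
struct virt_dev { unsigned real_port; }; /* 0 models the re-created slot */
struct sch_ep { const struct endpoint *ep; unsigned port; int state; };
static struct sch_ep table[NBUCKETS];    /* keyed by endpoint pointer */
static struct sch_ep *per_port[NPORTS];  /* assumed old style: real_port - 1 */
static size_t bucket(const struct endpoint *ep) {
    return (size_t)(((uintptr_t)ep >> 3) * 2654435761u) & (NBUCKETS - 1);
}
/* Lookup that trusts virt_dev; unchecked, real_port 0 would index [-1]. */
static struct sch_ep *find_by_port(const struct virt_dev *vd) {
    if (vd->real_port == 0 || vd->real_port > NPORTS) return NULL;
    return per_port[vd->real_port - 1];
}
/* Lookup keyed only by the endpoint pointer (linear probing). */
static struct sch_ep *find_by_ep(const struct endpoint *ep) {
    for (size_t i = 0, b = bucket(ep); i < NBUCKETS; i++, b = (b + 1) & (NBUCKETS - 1)) {
        if (table[b].state == EMPTY) return NULL;
        if (table[b].state == LIVE && table[b].ep == ep) return &table[b];
    }
    return NULL;
}
static struct sch_ep *add_endpoint(const struct endpoint *ep, const struct virt_dev *vd) {
    if (vd->real_port == 0 || vd->real_port > NPORTS || find_by_ep(ep)) return NULL;
    for (size_t i = 0, b = bucket(ep); i < NBUCKETS; i++, b = (b + 1) & (NBUCKETS - 1)) {
        if (table[b].state == LIVE) continue;        /* reuse empty or tombstone */
        table[b] = (struct sch_ep){ ep, vd->real_port, LIVE };
        return per_port[vd->real_port - 1] = &table[b];
    }
    return NULL;                         /* table full */
}
/* Drop path needs no virt_dev: the port was recorded at add time. */
static int drop_endpoint(const struct endpoint *ep) {
    struct sch_ep *s = find_by_ep(ep);
    if (!s) return -1;                   /* unknown endpoint: nothing to free */
    if (per_port[s->port - 1] == s) per_port[s->port - 1] = NULL;
    s->state = TOMB;
    return 0;
}
int main(void) {
    struct endpoint ep = { 0x81 }; struct virt_dev vd = { 2 };
    add_endpoint(&ep, &vd);
    vd.real_port = 0;                    /* constructed: slot re-created after failure */
    return (find_by_port(&vd) == NULL && drop_endpoint(&ep) == 0) ? 0 : 1;
}
```

The explicit "unknown endpoint" return in `drop_endpoint` is the kind of error path whose absence produces leaks or dereferences of a missing entry.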