- 02 6月, 2016 2 次提交
-
-
由 Mathias Nyman 提交于
If commands timeout we mark them for abortion, then stop the command ring, and turn the commands to no-ops and finally restart the command ring. If the host is working properly the no-op commands will finish and pending completions are called. If we notice the host is failing, driver clears the command ring and completes, deletes and frees all pending commands. There are two separate cases reported where host is believed to work properly but is not. In the first case we successfully stop the ring but no abort or stop command ring event is ever sent and host locks up. The second case is if a host is removed, command times out and driver believes the ring is stopped, and assumes it will be restarted, but actually ends up timing out on the same command forever. If one of the pending commands has the xhci->mutex held it will block xhci_stop() in the remove codepath which otherwise would cleanup pending commands. Add a check that clears all pending commands in case host is removed, or we are stuck timing out on the same command. Also restart the command timeout timer when stopping the command ring to ensure we recive an ring stop/abort event. Cc: stable <stable@vger.kernel.org> Tested-by: NJoe Lawrence <joe.lawrence@stratus.com> Signed-off-by: NMathias Nyman <mathias.nyman@linux.intel.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Gabriel Krisman Bertazi 提交于
Under stress occasions some TI devices might not return early when reading the status register during the quirk invocation of xhci_irq made by usb_hcd_pci_remove. This means that instead of returning, we end up handling this interruption in the middle of a shutdown. Since xhci->event_ring has already been freed in xhci_mem_cleanup, we end up accessing freed memory, causing the Oops below. commit 8c24d6d7 ("usb: xhci: stop everything on the first call to xhci_stop") is the one that changed the instant in which we clean up the event queue when stopping a device. Before, we didn't call xhci_mem_cleanup at the first time xhci_stop is executed (for the shared HCD), instead, we only did it after the invocation for the primary HCD, much later at the removal path. The code flow for this oops looks like this: xhci_pci_remove() usb_remove_hcd(xhci->shared) xhci_stop(xhci->shared) xhci_halt() xhci_mem_cleanup(xhci); // Free the event_queue usb_hcd_pci_remove(primary) xhci_irq() // Access the event_queue if STS_EINT is set. Crash. xhci_stop() xhci_halt() // return early The fix modifies xhci_stop to only cleanup the xhci data when releasing the primary HCD. This way, we still have the event_queue configured when invoking xhci_irq. We still halt the device on the first call to xhci_stop, though. I could reproduce this issue several times on the mainline kernel by doing a bind-unbind stress test with a specific storage gadget attached. I also ran the same test over-night with my patch applied and didn't observe the issue anymore. [ 113.334124] Unable to handle kernel paging request for data at address 0x00000028 [ 113.335514] Faulting instruction address: 0xd00000000d4f767c [ 113.336839] Oops: Kernel access of bad area, sig: 11 [#1] [ 113.338214] SMP NR_CPUS=1024 NUMA PowerNV [c000000efe47ba90] c000000000720850 usb_hcd_irq+0x50/0x80 [c000000efe47bac0] c00000000073d328 usb_hcd_pci_remove+0x68/0x1f0 [c000000efe47bb00] d00000000daf0128 xhci_pci_remove+0x78/0xb0 [xhci_pci] [c000000efe47bb30] c00000000055cf70 pci_device_remove+0x70/0x110 [c000000efe47bb70] c00000000061c6bc __device_release_driver+0xbc/0x190 [c000000efe47bba0] c00000000061c7d0 device_release_driver+0x40/0x70 [c000000efe47bbd0] c000000000619510 unbind_store+0x120/0x150 [c000000efe47bc20] c0000000006183c4 drv_attr_store+0x64/0xa0 [c000000efe47bc60] c00000000039f1d0 sysfs_kf_write+0x80/0xb0 [c000000efe47bca0] c00000000039e14c kernfs_fop_write+0x18c/0x1f0 [c000000efe47bcf0] c0000000002e962c __vfs_write+0x6c/0x190 [c000000efe47bd90] c0000000002eab40 vfs_write+0xc0/0x200 [c000000efe47bde0] c0000000002ec85c SyS_write+0x6c/0x110 [c000000efe47be30] c000000000009260 system_call+0x38/0x108 Signed-off-by: NGabriel Krisman Bertazi <krisman@linux.vnet.ibm.com> Cc: Roger Quadros <rogerq@ti.com> Cc: joel@jms.id.au Cc: stable@vger.kernel.org Reviewed-by: NRoger Quadros <rogerq@ti.com> Cc: <stable@vger.kernel.org> #v4.3+ Tested-by: NJoel Stanley <joel@jms.id.au> Signed-off-by: NMathias Nyman <mathias.nyman@linux.intel.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
- 01 6月, 2016 1 次提交
-
-
由 John Youn 提交于
As of core revision 2.60a the recommended programming model is to set the ClearPendIN bit when issuing a Clear Stall EP command for IN endpoints. This is to prevent an issue where some (non-compliant) hosts may not send ACK TPs for pending IN transfers due to a mishandled error condition. Synopsys STAR 9000614252. Signed-off-by: NJohn Youn <johnyoun@synopsys.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
- 31 5月, 2016 16 次提交
-
-
由 Peter Griffin 提交于
Set USB3_FORCE_VBUSVALID when configured for USB_DR_MODE_PERIPHERAL mode, as it is required to have a working setup. This worked on the internal driver by relying on the reset value of the syscfg register as the bits aren't explicity cleared and set like the upstream driver. Also add a comment about what setting this bit means. Signed-off-by: NPeter Griffin <peter.griffin@linaro.org> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 William Wu 提交于
In OS descriptors handling, if ctrl->bRequestType is USB_RECIP_DEVICE and w_index != 0x4 or (w_value >> 8) is true, it will not assign a valid value to req->length, but use the default value(-EOPNOTSUPP), and queue an OS desc request with the invalid req->length. It always happens on the platforms which use os_desc (for example: rk3366, rk3399), and cause kernel panic as follows (use dwc3 driver): Unable to handle kernel paging request at virtual address ffffffc0f7e00000 Internal error: Oops: 96000146 [#1] PREEMPT SMP PC is at __dma_clean_range+0x18/0x30 LR is at __swiotlb_map_page+0x50/0x64 Call trace: [<ffffffc0000930f8>] __dma_clean_range+0x18/0x30 [<ffffffc00062214c>] usb_gadget_map_request+0x134/0x1b0 [<ffffffc0005c289c>] __dwc3_ep0_do_control_data+0x110/0x14c [<ffffffc0005c2d38>] __dwc3_gadget_ep0_queue+0x198/0x1b8 [<ffffffc0005c2e18>] dwc3_gadget_ep0_queue+0xc0/0xe8 [<ffffffc00061cfec>] composite_ep0_queue.constprop.14+0x34/0x98 [<ffffffc00061dfb0>] composite_setup+0xf60/0x100c [<ffffffc0006204dc>] android_setup+0xd8/0x138 [<ffffffc0005c29a4>] dwc3_ep0_delegate_req+0x34/0x50 [<ffffffc0005c3534>] dwc3_ep0_interrupt+0x5dc/0xb58 [<ffffffc0005c0c3c>] dwc3_thread_interrupt+0x15c/0xa24 With this patch, the gadget driver will not queue a request and return immediately if req->length is invalid. And the usb controller driver can handle the unsupport request correctly. Signed-off-by: NWilliam Wu <william.wu@rock-chips.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Jim Lin 提交于
If c->cdev->use_os_string flag is not set, don't need to invoke ffs_do_os_descs() in _ffs_func_bind. So uninitialized ext_compat_id pointer won't be accessed by __ffs_func_bind_do_os_desc to cause kernel panic. Signed-off-by: NJim Lin <jilin@nvidia.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Heinrich Schuchardt 提交于
Commit dc8c46a5 ("usb: gadget: f_tcm: convert to new function interface with backward compatibility") introduced a possible out of bounds memory access: If tpg is not found in function usbg_drop_tpg, tpg_instances[TPG_INSTANCES] is accessed. Fixes: dc8c46a5 ("usb: gadget: f_tcm: convert to new function interface with backward compatibility") Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Heinrich Schuchardt 提交于
Function in_rq_cur copies random bytes from the stack. Zero the memory instead. Fixes: 132fcb46 ("usb: gadget: Add Audio Class 2.0 Driver") Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Arnd Bergmann 提交于
A patch that went into Linux-4.4 to fix big-endian mode on a Lantiq MIPS system unfortunately broke big-endian operation on PowerPC APM82181 as reported by Christian Lamparter, and likely other systems. It actually introduced multiple issues: - it broke big-endian ARM kernels: any machine that was working correctly with a little-endian kernel is no longer using byteswaps on big-endian kernels, which clearly breaks them. - On PowerPC the same thing must be true: if it was working before, using big-endian kernels is now broken. Unlike ARM, 32-bit PowerPC usually uses big-endian kernels, so they are likely all broken. - The barrier for dwc2_writel is on the wrong side of the __raw_writel(), so the MMIO no longer synchronizes with DMA operations. - On architectures that require specific CPU instructions for MMIO access, using the __raw_ variant may turn this into a pointer dereference that does not have the same effect as the readl/writel. This patch is a simple revert for all architectures other than MIPS, in the hope that we can more easily backport it to fix the regression on PowerPC and ARM systems without breaking the Lantiq system again. We should follow this up with a more elaborate change to add runtime detection of endianness, to make sure it also works on all other combinations of architectures and implementations of the usb-dwc2 device. That patch however will be fairly large and not appropriate for backports to stable kernels. Felipe suggested a different approach, using an endianness switching register to always put the device into LE mode, but unfortunately the dwc2 hardware does not provide a generic way to do that. Also, I see no practical way of addressing the problem more generally by patching architecture specific code on MIPS. Fixes: 95c8bc36 ("usb: dwc2: Use platform endianness when accessing registers") Acked-by: NJohn Youn <johnyoun@synopsys.com> Tested-by: NChristian Lamparter <chunkeey@googlemail.com> Signed-off-by: NArnd Bergmann <arnd@arndb.de> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Jim Lin 提交于
Current __ffs_data_do_os_desc() of f_fs.c will check reserved1 field of OS_DESC_EXT_COMPAT and return -EINVAL if it's 1. But MS OS 1.0 Descriptors http://msdn.microsoft.com/en-us/library/windows/hardware/gg463179.aspx defines that field to be 1. Signed-off-by: NJim Lin <jilin@nvidia.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Krzysztof Opasiak 提交于
Device qualifier descriptor is now generated by composite.c code. So let's fix this old comment by removing parts which are no longer valid. Signed-off-by: NKrzysztof Opasiak <k.opasiak@samsung.com> Signed-off-by: NKrzysztof Opasiak <kopasiak90@gmail.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Krzysztof Opasiak 提交于
This descriptor is never used. Currently device qualifier descriptor is generated by compossite code so no need to keep it in function file. Signed-off-by: NKrzysztof Opasiak <k.opasiak@samsung.com> Signed-off-by: NKrzysztof Opasiak <kopasiak90@gmail.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Krzysztof Opasiak 提交于
This descriptor is never used. Currently device qualifier descriptor is generated by compossite code, so no need to keep it in function file. Signed-off-by: NKrzysztof Opasiak <k.opasiak@samsung.com> Signed-off-by: NKrzysztof Opasiak <kopasiak90@gmail.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Vahram Aharonyan 提交于
Add a check in dwc2_hsotg_ep_sethalt() so that it does not halt isochronous endpoints. Signed-off-by: NVahram Aharonyan <vahrama@synopsys.com> Signed-off-by: NJohn Youn <johnyoun@synopsys.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Vahram Aharonyan 提交于
The gadget API function usb_ep_set_halt() expects the gadget to return -EAGAIN if the ep is active. Add support for this behavior. Otherwise this may break mass storage protocol if a STALL is attempted on the endpoint. Signed-off-by: NVahram Aharonyan <vahrama@synopsys.com> Signed-off-by: NJohn Youn <johnyoun@synopsys.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Bin Liu 提交于
[ 40.467381] ============================================= [ 40.473013] [ INFO: possible recursive locking detected ] [ 40.478651] 4.6.0-08691-g7f3db9a #37 Not tainted [ 40.483466] --------------------------------------------- [ 40.489098] usb/733 is trying to acquire lock: [ 40.493734] (&(&dev->lock)->rlock){-.....}, at: [<bf129288>] ep0_complete+0x18/0xdc [gadgetfs] [ 40.502882] [ 40.502882] but task is already holding lock: [ 40.508967] (&(&dev->lock)->rlock){-.....}, at: [<bf12a420>] ep0_read+0x20/0x5e0 [gadgetfs] [ 40.517811] [ 40.517811] other info that might help us debug this: [ 40.524623] Possible unsafe locking scenario: [ 40.524623] [ 40.530798] CPU0 [ 40.533346] ---- [ 40.535894] lock(&(&dev->lock)->rlock); [ 40.540088] lock(&(&dev->lock)->rlock); [ 40.544284] [ 40.544284] *** DEADLOCK *** [ 40.544284] [ 40.550461] May be due to missing lock nesting notation [ 40.550461] [ 40.557544] 2 locks held by usb/733: [ 40.561271] #0: (&f->f_pos_lock){+.+.+.}, at: [<c02a6114>] __fdget_pos+0x40/0x48 [ 40.569219] #1: (&(&dev->lock)->rlock){-.....}, at: [<bf12a420>] ep0_read+0x20/0x5e0 [gadgetfs] [ 40.578523] [ 40.578523] stack backtrace: [ 40.583075] CPU: 0 PID: 733 Comm: usb Not tainted 4.6.0-08691-g7f3db9a #37 [ 40.590246] Hardware name: Generic AM33XX (Flattened Device Tree) [ 40.596625] [<c010ffbc>] (unwind_backtrace) from [<c010c1bc>] (show_stack+0x10/0x14) [ 40.604718] [<c010c1bc>] (show_stack) from [<c04207fc>] (dump_stack+0xb0/0xe4) [ 40.612267] [<c04207fc>] (dump_stack) from [<c01886ec>] (__lock_acquire+0xf68/0x1994) [ 40.620440] [<c01886ec>] (__lock_acquire) from [<c0189528>] (lock_acquire+0xd8/0x238) [ 40.628621] [<c0189528>] (lock_acquire) from [<c06ad6b4>] (_raw_spin_lock_irqsave+0x38/0x4c) [ 40.637440] [<c06ad6b4>] (_raw_spin_lock_irqsave) from [<bf129288>] (ep0_complete+0x18/0xdc [gadgetfs]) [ 40.647339] [<bf129288>] (ep0_complete [gadgetfs]) from [<bf10a728>] (musb_g_giveback+0x118/0x1b0 [musb_hdrc]) [ 40.657842] [<bf10a728>] (musb_g_giveback [musb_hdrc]) from [<bf108768>] (musb_g_ep0_queue+0x16c/0x188 [musb_hdrc]) [ 40.668772] [<bf108768>] (musb_g_ep0_queue [musb_hdrc]) from [<bf12a944>] (ep0_read+0x544/0x5e0 [gadgetfs]) [ 40.678963] [<bf12a944>] (ep0_read [gadgetfs]) from [<c0284470>] (__vfs_read+0x20/0x110) [ 40.687414] [<c0284470>] (__vfs_read) from [<c0285324>] (vfs_read+0x88/0x114) [ 40.694864] [<c0285324>] (vfs_read) from [<c0286150>] (SyS_read+0x44/0x9c) [ 40.702051] [<c0286150>] (SyS_read) from [<c0107820>] (ret_fast_syscall+0x0/0x1c) This is caused by the spinlock bug in ep0_read(). Fix the two other deadlock sources in gadgetfs_setup() too. Cc: <stable@vger.kernel.org> # v3.16+ Signed-off-by: NBin Liu <b-liu@ti.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Dan Carpenter 提交于
This loop is supposed to set all the .num[] values to -1 but it's off by one so it skips the first element and sets one element past the end of the array. I've cleaned up the loop a little as well. Fixes: ddf8abd2 ('USB: f_fs: the FunctionFS driver') Acked-by: NMichal Nazarewicz <mina86@mina86.com> Signed-off-by: NDan Carpenter <dan.carpenter@oracle.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Steinar H. Gunderson 提交于
dwc3-exynos has two problems during init if the regulators are slow to come up (for instance if the I2C bus driver is not on the initramfs) and return probe deferral. First, every time this happens, the driver leaks the USB phys created; they need to be deallocated on error. Second, since the phy devices are created before the regulators fail, this means that there's a new device to re-trigger deferred probing, which causes it to essentially go into a busy loop of re-probing the device until the regulators come up. Move the phy creation to after the regulators have succeeded, and also fix cleanup on failure. On my ODROID XU4 system (with Debian's initramfs which doesn't contain the I2C driver), this reduces the number of probe attempts (for each of the two controllers) from more than 2000 to eight. Signed-off-by: NSteinar H. Gunderson <sesse@google.com> Reviewed-by: NKrzysztof Kozlowski <k.kozlowski@samsung.com> Reviewed-by: NVivek Gautam <gautam.vivek@samsung.com> Fixes: d720f057 ("usb: dwc3: exynos: add nop transceiver support") Cc: <stable@vger.kernel.org> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
由 Krzysztof Opasiak 提交于
By default user could store only valid UDC name in configfs UDC attr by doing: echo $UDC_NAME > UDC Commit (855ed04a "usb: gadget: udc-core: independent registration of gadgets and gadget drivers") broke this behavior and allowed to store any arbitrary string in UDC file and udc core was waiting for such controller to appear. echo "any arbitrary string here" > UDC This commit fix this by adding a flag which prevents configfs gadget from being added to list of pending drivers if UDC with given name has not been found. Signed-off-by: NKrzysztof Opasiak <k.opasiak@samsung.com> Signed-off-by: NFelipe Balbi <felipe.balbi@linux.intel.com>
-
- 14 5月, 2016 1 次提交
-
-
由 Maarten ter Huurne 提交于
The ohci-platform driver can control the clock, while usb-nop-xceiv as the PHY can control the vbus regulator. So this JZ4740-specific glue is not needed anymore. Signed-off-by: NMaarten ter Huurne <maarten@treewalker.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Lars-Peter Clausen <lars@metafoo.de> Cc: Paul Cercueil <paul@crapouillou.net> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/13105/Signed-off-by: NRalf Baechle <ralf@linux-mips.org>
-
- 11 5月, 2016 1 次提交
-
-
由 Mathieu OTHACEHE 提交于
Add support for : - UPort 1110 : 1 port RS-232 USB to Serial Hub. - UPort 1130 : 1 port RS-422/485 USB to Serial Hub. - UPort 1130I : 1 port RS-422/485 USB to Serial Hub with Isolation. - UPort 1150 : 1 port RS-232/422/485 USB to Serial Hub. - UPort 1150I : 1 port RS-232/422/485 USB to Serial Hub with Isolation. These devices are based on TI 3410 chip. Signed-off-by: NMathieu OTHACEHE <m.othacehe@gmail.com> [johan: fix rs485-only check ] Signed-off-by: NJohan Hovold <johan@kernel.org>
-
- 10 5月, 2016 10 次提交
-
-
由 Christoph Hellwig 提交于
Signed-off-by: NChristoph Hellwig <hch@lst.de> Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
-
由 Christoph Hellwig 提交于
Turns out the template and thus many drivers got the return value wrong: 0 means the fabrics driver needs to put a session reference, which no driver except for the iSCSI target drivers did. Fortunately none of these drivers supports explicit Node ACLs, so the bug was harmless. Even without that only qla2xxx and iscsi every did real work in shutdown_session, so get rid of the boilerplate code in all other drivers. Signed-off-by: NChristoph Hellwig <hch@lst.de> Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
-
由 Johan Hovold 提交于
Due to a missing upper bound, invalid minor numbers could be assigned to ports. Such devices would later fail to register, but let's catch this early as intended and avoid having devices with only a subset of their ports registered (potentially the empty set). Signed-off-by: NJohan Hovold <johan@kernel.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Johan Hovold 提交于
The interface read URB is submitted in attach, but was only unlinked by the driver at disconnect. In case of a late probe error (e.g. due to failed minor allocation), disconnect is never called and we would end up with active URBs for an unbound interface. This in turn could lead to deallocated memory being dereferenced in the completion callback. Fixes: f7a33e60 ("USB: serial: add quatech2 usb to serial driver") Cc: stable <stable@vger.kernel.org> # v3.5: 40d04738Signed-off-by: NJohan Hovold <johan@kernel.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Johan Hovold 提交于
The interface read and event URBs are submitted in attach, but were never explicitly unlinked by the driver. Instead the URBs would have been killed by usb-serial core on disconnect. In case of a late probe error (e.g. due to failed minor allocation), disconnect is never called and we could end up with active URBs for an unbound interface. This in turn could lead to deallocated memory being dereferenced in the completion callbacks. Fixes: ee467a1f ("USB: serial: add Moxa UPORT 12XX/14XX/16XX driver") Cc: stable <stable@vger.kernel.org> # v3.14 Signed-off-by: NJohan Hovold <johan@kernel.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Johan Hovold 提交于
The URB status is signed and should be printed using %d rather than %x. Also print endpoint addresses consistently using %x rather than %d, and merge a broken-up error message string. Signed-off-by: NJohan Hovold <johan@kernel.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Johan Hovold 提交于
A driver must not rely on the URB status field to try to determine if an URB is active. Signed-off-by: NJohan Hovold <johan@kernel.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Johan Hovold 提交于
The interface instat and indat URBs were submitted in attach, but never unlinked in release before deallocating the corresponding transfer buffers. In the case of a late probe error (e.g. due to failed minor allocation), disconnect would not have been called before release, causing the buffers to be freed while the URBs are still in use. We'd also end up with active URBs for an unbound interface. Fixes: f9c99bb8 ("USB: usb-serial: replace shutdown with disconnect, release") Cc: stable <stable@vger.kernel.org> # v2.6.31 Signed-off-by: NJohan Hovold <johan@kernel.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Johan Hovold 提交于
URBs and buffers allocated in attach for Epic devices would never be deallocated in case of a later probe error (e.g. failure to allocate minor numbers) as disconnect is then never called. Fix by moving deallocation to release and making sure that the URBs are first unlinked. Fixes: f9c99bb8 ("USB: usb-serial: replace shutdown with disconnect, release") Cc: stable <stable@vger.kernel.org> # v2.6.31 Signed-off-by: NJohan Hovold <johan@kernel.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Johan Hovold 提交于
Private data, URBs and buffers allocated for Epic devices during attach were never released on errors (e.g. missing endpoints). Fixes: 6e8cf775 ("USB: add EPIC support to the io_edgeport driver") Cc: stable <stable@vger.kernel.org> # v2.6.21 Signed-off-by: NJohan Hovold <johan@kernel.org> Acked-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
- 09 5月, 2016 7 次提交
-
-
由 Sandhya Bankar 提交于
Remove unnecessary space before operator ','. Signed-off-by: NSandhya Bankar <bankarsandhya512@gmail.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Sandhya Bankar 提交于
Remove unnecessary space before open square bracket. Signed-off-by: NSandhya Bankar <bankarsandhya512@gmail.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Heinrich Schuchardt 提交于
The right part of the following or expression is only evaluated if td is nonzero. !td || (td && td.status == USB_TD_INPROGRESS) So no need to check td again. Signed-off-by: NHeinrich Schuchardt <xypron.glpk@gmx.de> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Yoshihiro Shimoda 提交于
The firmware of R-Car USB 3.0 host controller will control the reset. So, if the xhci driver doesn't do firmware downloading (e.g. kernel configuration is CONFIG_USB_XHCI_PLATFORM=y and CONFIG_USB_XHCI_RCAR is not set), the reset of USB 3.0 host controller doesn't work correctly. Then, the host controller will cause long wait in xhci_reset() because the CMD_RESET bit of op_regs->command is not cleared for 10 seconds. So, this patch modifies the Kconfig to enable both CONFIG_USB_XHCI_PLATFORM and CONFIG_USB_XHCI_RCAR. Fixes: 4ac8918f (usb: host: xhci-plat: add support for the R-Car H2 and M2 xHCI controllers) Cc: <stable@vger.kernel.org> # v3.17+ Signed-off-by: NYoshihiro Shimoda <yoshihiro.shimoda.uh@renesas.com> Reviewed-by: NFelipe Balbi <felipe.balbi@linux.intel.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Colin Ian King 提交于
The goto in create_sysfs_files is never executed, so remove it and clean up the code. Signed-off-by: NColin Ian King <colin.king@canonical.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Sandhya Bankar 提交于
Do not initialise statics to 0. This patch is found by checkpatch.pl script. Signed-off-by: NSandhya Bankar <bankarsandhya512@gmail.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
由 Sandhya Bankar 提交于
Remove space before ',' and '(' . This patch is detected by checkpatch.pl Signed-off-by: NSandhya Bankar <bankarsandhya512@gmail.com> Signed-off-by: NGreg Kroah-Hartman <gregkh@linuxfoundation.org>
-
- 05 5月, 2016 2 次提交
-
-
由 Konstantin Shkolnyy 提交于
The CRTSCTS flag code cleared (and inconsistently) bits unrelated to CRTSCTS functionality. It was also harder than necessary to read. Signed-off-by: NKonstantin Shkolnyy <konstantin.shkolnyy@gmail.com> Signed-off-by: NJohan Hovold <johan@kernel.org>
-
由 Konstantin Shkolnyy 提交于
Replaced magic numbers used in the CRTSCTS flag code with symbolic names from the chip specification. Signed-off-by: NKonstantin Shkolnyy <konstantin.shkolnyy@gmail.com> Signed-off-by: NJohan Hovold <johan@kernel.org>
-