On Wed, Oct 04, 2023 at 03:26:42PM +0900, Woo-kwang Lee wrote:
This issue occurs when connecting Galaxy S22 and abnormal SEC Dex Adapter. When the abnormal adapter is connected, kernel panic always occurs after a few seconds. This occurs due to unable to get BOS descriptor, usb_release_bos_descriptor set dev->bos = NULL.
- usb_reset_and_verify_device
- hub_port_init
- usb_release_bos_descriptor
- dev->bos = NULL;
hub_port_connect_change() calls portspeed(), and portspeed() calls hub_is_s uperspeedplus(). Finally, hub_is_superspeedplus() calls hdev->bos->ssp_cap. It needs to check hdev->bos is NULL to prevent a kernel panic.
usb 3-1: new SuperSpeed Gen 1 USB device number 16 using xhci-hcd-exynos usb 3-1: unable to get BOS descriptor set usb 3-1: Product: USB3.0 Hub Unable to handle kernel NULL pointer dereference at virtual address 0000018
Call trace: hub_port_connect_change+0x8c/0x538 port_event+0x244/0x764 hub_event+0x158/0x474 process_one_work+0x204/0x550 worker_thread+0x28c/0x580 kthread+0x13c/0x178 ret_from_fork+0x10/0x30
- hub_port_connect_change
- portspeed
- hub_is_superspeedplus
Fixes: 0cdd49a1d1a4 ("usb: Support USB 3.1 extended port status request") Signed-off-by: Woo-kwang Lee wookwang.lee@samsung.com
drivers/usb/core/hub.h | 2 ++ 1 file changed, 2 insertions(+)
Are you sure this isn't already fixed by commit f74a7afc224a ("usb: hub: Guard against accesses to uninitialized BOS descriptors") in linux-next?
thanks,
greg k-h
Hello. I think I missed the patch. Thank you for your quick feedback.
Woo-kwang Lee
On Wed, Oct 04, 2023 at 03:26:42PM +0900, Woo-kwang Lee wrote:
This issue occurs when connecting Galaxy S22 and abnormal SEC Dex
Adapter.
When the abnormal adapter is connected, kernel panic always occurs after a few seconds. This occurs due to unable to get BOS descriptor, usb_release_bos_descriptor set dev->bos = NULL.
- usb_reset_and_verify_device
- hub_port_init
- usb_release_bos_descriptor
- dev->bos = NULL;
hub_port_connect_change() calls portspeed(), and portspeed() calls hub_is_s uperspeedplus(). Finally, hub_is_superspeedplus() calls hdev->bos->ssp_cap. It needs to check hdev->bos is NULL to prevent a kernel panic.
usb 3-1: new SuperSpeed Gen 1 USB device number 16 using xhci-hcd-exynos usb 3-1: unable to get BOS descriptor set usb 3-1: Product: USB3.0 Hub Unable to handle kernel NULL pointer dereference at virtual address 0000018
Call trace: hub_port_connect_change+0x8c/0x538 port_event+0x244/0x764 hub_event+0x158/0x474 process_one_work+0x204/0x550 worker_thread+0x28c/0x580 kthread+0x13c/0x178 ret_from_fork+0x10/0x30
- hub_port_connect_change
- portspeed
- hub_is_superspeedplus
Fixes: 0cdd49a1d1a4 ("usb: Support USB 3.1 extended port status request") Signed-off-by: Woo-kwang Lee wookwang.lee@samsung.com
drivers/usb/core/hub.h | 2 ++ 1 file changed, 2 insertions(+)
Are you sure this isn't already fixed by commit f74a7afc224a ("usb: hub: Guard against accesses to uninitialized BOS descriptors") in linux-next?
thanks,
greg k-h
On Wed, Oct 04, 2023 at 04:06:17PM +0900, Woo-kwang Lee wrote:
Hello. I think I missed the patch.
I do not understand, does that mean that you have tested the patch (and which one, please do not top post), and that this is not needed?
confused, greg k-h
Hello. Grek. It means that this is not needed. Commit id f74a7afc224a already has hub_is_superspeedplus modification. I'm sorry for the confusion. Thank you.
Woo-kwang Lee
-----Original Message----- From: 'Greg KH' gregkh@linuxfoundation.org Sent: Wednesday, October 4, 2023 4:22 PM To: Woo-kwang Lee wookwang.lee@samsung.com Cc: linux-usb@vger.kernel.org; linux-kernel@vger.kernel.org; stable@vger.kernel.org; sj1557.seo@samsung.com Subject: Re: [PATCH] usb: core: add bos NULL pointer checking condition
On Wed, Oct 04, 2023 at 04:06:17PM +0900, Woo-kwang Lee wrote:
Hello. I think I missed the patch.
I do not understand, does that mean that you have tested the patch (and which one, please do not top post), and that this is not needed?
confused, greg k-h
linux-stable-mirror@lists.linaro.org
-
'Greg KH' -
Greg KH
-
Woo-kwang Lee