access_ok() checks must be done on every part of the userspace structure
that is accessed. If access_ok() on one part of the struct succeeded, it
does not imply it will succeed on other parts of the struct. (Does
depend on the architecture implementation of access_ok()).
This changes the __get_user() users to first check access_ok() on the
data structure.
Signed-off-by: Michael Buesch <mb@bu3sch.de>
Cc: stable <stable@kernel.org>
Cc: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1262) fixes a bug in usbfs: It refuses to accept
zero-length transfers, and it insists that the buffer pointer be valid
even if there is no data being transferred.
The patch also consolidates a bunch of repetitive access_ok() checks
into a single check, which incidentally fixes the lack of such a check
for Isochronous URBs.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch fixes a memory leak in devio.c::processcompl
If writing to user space fails the packet must be discarded, as it
already has been removed from the queue of completed packets.
Signed-off-by: Oliver Neukum <oliver@neukum.org>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Wireless USB endpoint state has a sequence number and a current
window and not just a single toggle bit. So allow HCDs to provide a
endpoint_reset method and call this or clear the software toggles as
required (after a clear halt, set configuration etc.).
usb_settoggle() and friends are then HCD internal and are moved into
core/hcd.h and all device drivers call usb_reset_endpoint() instead.
If the device endpoint state has been reset (with a clear halt) but
the host endpoint state has not then subsequent data transfers will
not complete. The device will only work again after it is reset or
disconnected.
Signed-off-by: David Vrabel <david.vrabel@csr.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
transfer_buffer_length and actual_length have become unsigned, therefore some
additional conversion of local variables, function arguments and print
specifications is desired.
A test for a negative urb->transfer_buffer_length became obsolete; instead
we ensure that it does not exceed INT_MAX. Also, urb->actual_length is always
less than urb->transfer_buffer_length.
rh_string() does no longer return -EPIPE in the case of an unsupported ID.
Instead its only caller, rh_call_control() does the check.
Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Acked-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1223) removes a bunch of unnecessary "inline"
annotations from the usbfs driver.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
To permit a userspace application to associate with WUSB devices
using numeric association, control transfers to unauthenticated WUSB
devices must be allowed.
This requires that wusbcore correctly sets the device state to
UNAUTHENTICATED, DEFAULT and ADDRESS and that control transfers can be
performed to UNAUTHENTICATED devices.
Signed-off-by: David Vrabel <david.vrabel@csr.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The usbfs driver manages a list of completed asynchronous URBs. But
it is too eager to free the entries on this list: destroy_async() gets
called whenever an interface is unbound or a device is removed, and it
deallocates the outstanding struct async entries for all URBs on that
interface or device. This is wrong; the user program should be able
to reap an URB any time after it has completed, regardless of whether
or not the interface is still bound or the device is still present.
This patch (as1222) moves the code for deallocating the completed list
entries from destroy_async() to usbdev_release(). The outstanding
entries won't be freed until the user program has closed the device
file, thereby eliminating any possibility that the remaining URBs
might still be reaped.
This fixes a bug in which a program can hang in the USBDEVFS_REAPURB
ioctl when the device is unplugged.
Reported-and-tested-by: Martin Poupe <martin.poupe@upek.com>
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Cc: stable <stable@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1198) fixes a conceptual bug: Somewhere along the line
we managed to confuse USB class devices with USB char devices. As a
result, the code to send a disconnect signal to userspace would not be
built if both CONFIG_USB_DEVICE_CLASS and CONFIG_USB_DEVICEFS were
disabled.
The usb_fs_classdev_common_remove() routine has been renamed to
usbdev_remove() and it is now called whenever any USB device is
removed, not just when a class device is unregistered. The notifier
registration and unregistration calls are no longer conditionally
compiled. And since the common removal code will always be called as
part of the char device interface, there's no need to call it again as
part of the usbfs interface; thus the invocation of
usb_fs_classdev_common_remove() has been taken out of
usbfs_remove_device().
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Alon Bar-Lev <alon.barlev@gmail.com>
Tested-by: Alon Bar-Lev <alon.barlev@gmail.com>
Cc: stable <stable@kernel.org>
One minor nit did show up, though. The patch below
seems to make more sense than the code does without it.
Signed-off-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Just over a year ago (!) I had this brief exchange with Alan Stern:
>> It seems that the signal that can be used with USBDEVFS_DISCSIGNAL and
>> in usbdevfs_urb.signr is limited to the real-time signals SIGRTMIN to
>> SIGRTMAX. What's the rationale for this restriction? I believe that a
>> process can kill() itself with any signal number, can't it? I was
>> planning to use SIGIO for usbdevfs_urb.signr and SIGTERM (uncaught) for
>> USBDEVFS_DISCSIGNAL. I don't think I'll have a problem with using
>> SIGRTMIN+n instead, but I'm curious to know if there's some subtle
>> problem with the non-real-time signals that I should be aware of.
>
> I don't know of any reason for this restriction.
Since no-one else could think of a reason either, I offer the following
patch which allows any signal to be used with USBDEVFS_DISCSIGNAL and
usbdevfs_urb.signr.
Signed-off-by: Phil Endecott <usbpatch@chezphil.org>
Cc: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Wrap current->cred and a few other accessors to hide their actual
implementation.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.
Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().
Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Greg Kroah-Hartman <gregkh@suse.de>
Cc: linux-usb@vger.kernel.org
Signed-off-by: James Morris <jmorris@namei.org>
USB should not be having it's own printk macros, so remove err() and
use the system-wide standard of dev_err() wherever possible. In the
few places that will not work out, use a basic printk().
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
USB should not be having it's own printk macros, so remove warn() and
use the system-wide standard of dev_warn() wherever possible. In the
few places that will not work out, use a basic printk().
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1148) adds a new "snoop" message to usbfs when a device
file is opened, identifying the process responsible. This comes in
extremely handy when trying to determine which program is doing some
unwanted USB access.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
device_create() is race-prone, so use the race-free
device_create_drvdata() instead as device_create() is going away.
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Why?:
There are occasions where userspace would like to access sysfs
attributes for a device but it may not know how sysfs has named the
device or the path. For example what is the sysfs path for
/dev/disk/by-id/ata-ST3160827AS_5MT004CK? With this change a call to
stat(2) returns the major:minor then userspace can see that
/sys/dev/block/8:32 links to /sys/block/sdc.
What are the alternatives?:
1/ Add an ioctl to return the path: Doable, but sysfs is meant to reduce
the need to proliferate ioctl interfaces into the kernel, so this
seems counter productive.
2/ Use udev to create these symlinks: Also doable, but it adds a
udev dependency to utilities that might be running in a limited
environment like an initramfs.
3/ Do a full-tree search of sysfs.
[kay.sievers@vrfy.org: fix duplicate registrations]
[kay.sievers@vrfy.org: cleanup suggestions]
Cc: Neil Brown <neilb@suse.de>
Cc: Tejun Heo <htejun@gmail.com>
Acked-by: Kay Sievers <kay.sievers@vrfy.org>
Reviewed-by: SL Baur <steve@xemacs.org>
Acked-by: Kay Sievers <kay.sievers@vrfy.org>
Acked-by: Mark Lord <lkml@rtr.ca>
Acked-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Fix pointer/int cast in USB devio code, and thus avoid a compiler warning.
A void* data argument passed to bus_find_device() and thence to match_devt()
is used to carry a 32-bit datum. However, casting directly between a u32 and
a pointer is not permitted - there must be an intermediate cast via (unsigned)
long.
This was introduced by the following patch:
commit 94b1c9fa060ece2c8f080583beb6cc6008e41413
Author: Alan Stern <stern@rowland.harvard.edu>
Date: Tue Jun 24 14:47:12 2008 -0400
usbfs: simplify the lookup-by-minor routines
This patch (as1105) simplifies the lookup-by-minor-number code in
usbfs. Instead of passing the minor number to the callback, which
must then reconstruct the entire dev_t value, the patch passes the
dev_t value directly.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Cc: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1107) fixes a small bug in the usbfs registration and
unregistration code. It avoids leaving an error value stored in the
device's usb_classdev field and it avoids trying to unregister a NULL
pointer. (It also fixes a rather extreme overuse of whitespace.)
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1106) fixes a race between opening and unregistering
device files in usbfs. The current code drops its reference to the
device and then reacquires it, ignoring the possibility that the
device structure might have been removed in the meantime. It also
doesn't check whether the device is already in the NOTATTACHED state
when the file is opened.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1105) simplifies the lookup-by-minor-number code in
usbfs. Instead of passing the minor number to the callback, which
must then reconstruct the entire dev_t value, the patch passes the
dev_t value directly.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
USB device files are accessible in two ways: as files in usbfs and as
character device nodes. The two paths are supposed to behave
identically, but they don't. When the underlying USB device is
unplugged, disconnect signals are sent to processes with open usbfs
files (if they requested these signals) but not to processes with open
device node files.
This patch (as1104) fixes the bug by moving the disconnect-signalling
code into a common subroutine which is called from both paths.
Putting this subroutine in devio.c removes the only out-of-file
reference to struct dev_state, and so the structure's declaration can
be moved from usb.h into devio.c.
Finally, the new subroutine performs one extra action: It kills all
the outstanding async URBs. (I'd kill the outstanding synchronous
URBs too, if there was any way to do it.) In the past this hasn't
mattered much, because devices were unregistered from usbfs only
when they were disconnected. But now the unregistration can also
occur whenever devices are unbound from the usb_generic driver. At
any rate, killing URBs when a device is unregistered from usbfs seems
like a good thing to do.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch renames the existing usb_reset_device in hub.c to
usb_reset_and_verify_device and renames the existing
usb_reset_composite_device to usb_reset_device. Also the new
usb_reset_and_verify_device does't need to be EXPORTED .
The idea of the patch is that external interface driver
should warn the other interfaces' driver of the same
device before and after reseting the usb device. One interface
driver shoud call _old_ usb_reset_composite_device instead of
_old_ usb_reset_device since it can't assume the device contains
only one interface. The _old_ usb_reset_composite_device
is safe for single interface device also. we rename the two
functions to make the change easily.
This patch is under guideline from Alan Stern.
Signed-off-by: Ming Lei <tom.leiming@gmail.com>
From the current implementation of usb_reset_composite_device
function, the iface parameter is no longer useful. This function
doesn't do something special for the iface usb_interface,compared
with other interfaces in the usb_device. So remove the parameter
and fix the related caller.
Signed-off-by: Ming Lei <tom.leiming@gmail.com>
Acked-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch removes CVS keywords that weren't updated for a long time
from comments.
Signed-off-by: Adrian Bunk <bunk@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
__FUNCTION__ is gcc-specific, use __func__
Signed-off-by: Harvey Harrison <harvey.harrison@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1079) cleans up the way URB_* flags are exported in
usbfs.
The URB_NO_INTERRUPT flag is now exported (this is the
only behavioral change).
USBDEVFS_URB_* macros are added for URB_NO_FSBR,
URB_ZERO_PACKET, and URB_NO_INTERRUPT, making explicit the
fact that the kernel accepts them.
The flag matching takes into account that the URB_* values
may change as the kernel evolves, whereas the USBDEVFS_URB_*
values must remain fixed since they are a user API.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
drivers/usb/core/devio.c: In function 'proc_control':
drivers/usb/core/devio.c:657: warning: comparison is always false due to limited range of data type
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: Pete Zaitcev <zaitcev@redhat.com>
Cc: Oliver Neukum <oliver@neukum.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The ISO descriptors are allocated separately in proc_submiturb for a fetch
from user mode, then tucked at the end of URB. This seems like a dead code.
Signed-off-by: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as1022b) adds stub methods for suspend and resume to the
usbfs driver. There isn't much they can do since there's no way to
inform a user task about the events. But it's important to have the
stubs, because an upcoming change to usbcore will automatically unbind
drivers that don't have those methods when a suspend occurs.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
For as long as I've known about it, the USBDEVFS_CONNECT ioctl hasn't
done what it's supposed to. The current code reprobes _all_ the
unbound USB interfaces; this patch (as1021) makes it reprobe only the
interface for which it was called.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The task_struct->pid member is going to be deprecated, so start
using the helpers (task_pid_nr/task_pid_vnr/task_pid_nr_ns) in
the kernel.
The first thing to start with is the pid, printed to dmesg - in
this case we may safely use task_pid_nr(). Besides, printks produce
more (much more) than a half of all the explicit pid usage.
[akpm@linux-foundation.org: git-drm went and changed lots of stuff]
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Cc: Dave Airlie <airlied@linux.ie>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
* master.kernel.org:/pub/scm/linux/kernel/git/gregkh/driver-2.6: (75 commits)
PM: merge device power-management source files
sysfs: add copyrights
kobject: update the copyrights
kset: add some kerneldoc to help describe what these strange things are
Driver core: rename ktype_edd and ktype_efivar
Driver core: rename ktype_driver
Driver core: rename ktype_device
Driver core: rename ktype_class
driver core: remove subsystem_init()
sysfs: move sysfs file poll implementation to sysfs_open_dirent
sysfs: implement sysfs_open_dirent
sysfs: move sysfs_dirent->s_children into sysfs_dirent->s_dir
sysfs: make sysfs_root a regular directory dirent
sysfs: open code sysfs_attach_dentry()
sysfs: make s_elem an anonymous union
sysfs: make bin attr open get active reference of parent too
sysfs: kill unnecessary NULL pointer check in sysfs_release()
sysfs: kill unnecessary sysfs_get() in open paths
sysfs: reposition sysfs_dirent->s_mode.
sysfs: kill sysfs_update_file()
...
This patch (as981) removes the remaining nontrivial usages of
urb->status from usbcore.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as948) removes most of the references to urb->pipe from
the usbfs routines in devio.c. The one tricky aspect is in
snoop_urb(), which can be called before the URB is submitted and which
uses usb_urb_dir_in(). For this to work properly, the URB's direction
flag must be set manually in proc_do_submiturb().
The patch also fixes a minor bug; the wValue, wIndex, and wLength
fields were snooped in proc_do_submiturb() without conversion from
le16 to CPU-byte-ordering.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
struct cdev does not need the kobject name to be set, as it is never
used. This patch fixes up the few places it is set.
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Acked-by: Mauro Carvalho Chehab <mchehab@infradead.org>
o The "real" usb-devices export now a device node which can
populate /dev/bus/usb.
o The usb_device class is optional now and can be disabled in the
kernel config. Major/minor of the "real" devices and class devices
are the same.
o The environment of the usb-device event contains DEVNUM and BUSNUM to
help udev and get rid of the ugly udev rule we need for the class
devices.
o The usb-devices and usb-interfaces share the same bus, so I used
the new "struct device_type" to let these devices identify
themselves. This also removes the current logic of using a magic
platform-pointer.
The name of the device_type is also added to the environment
which makes it easier to distinguish the different kinds of devices
on the same subsystem.
It looks like this:
add@/devices/pci0000:00/0000:00:1d.1/usb2/2-1
ACTION=add
DEVPATH=/devices/pci0000:00/0000:00:1d.1/usb2/2-1
SUBSYSTEM=usb
SEQNUM=1533
MAJOR=189
MINOR=131
DEVTYPE=usb_device
PRODUCT=46d/c03e/2000
TYPE=0/0/0
BUSNUM=002
DEVNUM=004
This udev rule works as a replacement for usb_device class devices:
SUBSYSTEM=="usb", ACTION=="add", ENV{DEVTYPE}=="usb_device", \
NAME="bus/usb/$env{BUSNUM}/$env{DEVNUM}", MODE="0644"
Updated patch, which needs the device_type patches in Greg's tree.
I also got a bugzilla assigned for this. :)
https://bugzilla.novell.com/show_bug.cgi?id=250659
Signed-off-by: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The driver core stopped using the rwsem a long time ago, yet the USB
core still grabbed the lock, thinking it protected something. This
patch removes that useless use.
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: Oliver Neukum <oneukum@suse.de>
Cc: David Brownell <david-b@pacbell.net>
Cc: linux-usb-devel <linux-usb-devel@lists.sourceforge.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as862) fixes a couple of bugs in the way usbcore handles
intervals for interrupt URBs. usb_interrupt_msg (and usb_bulk_msg for
backward compatibility) don't set the interval correctly for
high-speed devices. proc_do_submiturb() doesn't set it correctly when
a bulk URB is submitted to an interrupt endpoint.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Some USB devices do have a configuration 0, in contravention of the
USB spec. Normally 0 is supposed to indicate that a device is
unconfigured.
While we can't change what the device is doing, we can change usbcore.
This patch (as852) allows usb_set_configuration() to accept a config
value of -1 as indicating that the device should be unconfigured. The
request actually sent to the device will still contain 0 as the value.
But even if the device does have a configuration 0, dev->actconfig
will be set to NULL and dev->state will be set to USB_STATE_ADDRESS.
Without some sort of special-case handling like this, there is no way
to unconfigure these non-compliant devices.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
It should hopefully fix the list corruption bug on:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=214402
Add a missing INIT_LIST_HEAD()
Signed-off-by: Dan Carpenter <error27@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This moves the usb class devices that control the usbfs nodes to show up
in the proper place in the larger device tree.
Cc: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
When sending CONTROL URB's using the usual CONTROL ioctl, logging works
fine, but when sending them via SUBMITURB, like VMWare does, the
control fields are not logged. This patch fixes that.
I didn't see any major changes to devio.c recently, so this patch should apply
cleanly to even the latest kernel. I can resubmit if it doesn't.
From: Chris Frey <cdfrey@foursquare.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Thanks to several earlier patches, usb_autosuspend_device() and
usb_autoresume_device() are never called with a second argument other
than 1. This patch (as819) removes the now-redundant argument.
It also consolidates some common code between those two routines,
putting it into a new subroutine called usb_autopm_do_device(). And
it includes a sizable kerneldoc update for the affected functions.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch adds missing class_device_create() error check,
and makes notifier return NOTIFY_BAD.
Signed-off-by: Akinobu Mita <akinobu.mita@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Maintain a per-CPU global "struct pt_regs *" variable which can be used instead
of passing regs around manually through all ~1800 interrupt handlers in the
Linux kernel.
The regs pointer is used in few places, but it potentially costs both stack
space and code to pass it around. On the FRV arch, removing the regs parameter
from all the genirq function results in a 20% speed up of the IRQ exit path
(ie: from leaving timer_interrupt() to leaving do_IRQ()).
Where appropriate, an arch may override the generic storage facility and do
something different with the variable. On FRV, for instance, the address is
maintained in GR28 at all times inside the kernel as part of general exception
handling.
Having looked over the code, it appears that the parameter may be handed down
through up to twenty or so layers of functions. Consider a USB character
device attached to a USB hub, attached to a USB controller that posts its
interrupts through a cascaded auxiliary interrupt controller. A character
device driver may want to pass regs to the sysrq handler through the input
layer which adds another few layers of parameter passing.
I've build this code with allyesconfig for x86_64 and i386. I've runtested the
main part of the code on FRV and i386, though I can't test most of the drivers.
I've also done partial conversion for powerpc and MIPS - these at least compile
with minimal configurations.
This will affect all archs. Mostly the changes should be relatively easy.
Take do_IRQ(), store the regs pointer at the beginning, saving the old one:
struct pt_regs *old_regs = set_irq_regs(regs);
And put the old one back at the end:
set_irq_regs(old_regs);
Don't pass regs through to generic_handle_irq() or __do_IRQ().
In timer_interrupt(), this sort of change will be necessary:
- update_process_times(user_mode(regs));
- profile_tick(CPU_PROFILING, regs);
+ update_process_times(user_mode(get_irq_regs()));
+ profile_tick(CPU_PROFILING);
I'd like to move update_process_times()'s use of get_irq_regs() into itself,
except that i386, alone of the archs, uses something other than user_mode().
Some notes on the interrupt handling in the drivers:
(*) input_dev() is now gone entirely. The regs pointer is no longer stored in
the input_dev struct.
(*) finish_unlinks() in drivers/usb/host/ohci-q.c needs checking. It does
something different depending on whether it's been supplied with a regs
pointer or not.
(*) Various IRQ handler function pointers have been moved to type
irq_handler_t.
Signed-Off-By: David Howells <dhowells@redhat.com>
(cherry picked from 1b16e7ac850969f38b375e511e3fa2f474a33867 commit)
The problem with remembering a user space process by its pid is that it is
possible that the process will exit, pid wrap around will occur.
Converting to a struct pid avoid that problem, and paves the way for
implementing a pid namespace.
Also since usb is the only user of kill_proc_info_as_uid rename
kill_proc_info_as_uid to kill_pid_info_as_uid and have the new version take
a struct pid.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Acked-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
The patch removes unneeded casts for the following (void *) pointers:
- struct file: private
- struct urb: context
- struct usb_bus: hcpriv
- return value of kmalloc()
The patch also contains some whitespace cleanup in the relevant areas.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as741) makes the non-hub parts of usbcore actually use the
autosuspend facilities added by an earlier patch.
Devices opened through usbfs are autoresumed and then
autosuspended upon close.
Likewise for usb-skeleton.
Devices are autoresumed for usb_set_configuration.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Making structs const prevents accidental bugs and with the proper debug
options they're protected against corruption.
Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as711b) is a revised version of an earlier submission. It
modifies the usbfs code to detect when a device has been unregistered from
usbfs, even if the device is still connected. Although this can't happen
now, it will be able to happen after the upcoming changes to usb_generic.
Nobody objected to this patch when it was submitted before, so it should
be okay to apply this version. The revision is merely to take into
account the changes introduced by as723, which touches the same driver.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The usbfs code doesn't provide sufficient mutual exclusion among open,
release, and remove. Release vs. remove is okay because they both
acquire the device lock, but open is not exclusive with either one. All
three routines modify the udev->filelist linked list, so they must not
run concurrently.
Apparently someone gave this a minimum amount of thought in the past by
explicitly acquiring the BKL at the start of the usbdev_open routine.
Oddly enough, there's a comment pointing out that locking is unnecessary
because chrdev_open already has acquired the BKL.
But this ignores the point that the files in /proc/bus/usb/* are not
char device files; they are regular files and so they don't get any
special locking. Furthermore it's necessary to acquire the same lock in
the release and remove routines, which the code does not do.
Yet another problem arises because the same file_operations structure is
accessible through both the /proc/bus/usb/* and /dev/usb/usbdev* file
nodes. Even when one of them has been removed, it's still possible for
userspace to open the other. So simple locking around the individual
remove routines is insufficient; we need to lock the entire
usb_notify_remove_device notifier chain.
Rather than rely on the BKL, this patch (as723) introduces a new private
mutex for the purpose. Holding the BKL while invoking a notifier chain
doesn't seem like a good idea.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The following patches reduce the size of the VFS inode structure by 28 bytes
on a UP x86. (It would be more on an x86_64 system). This is a 10% reduction
in the inode size on a UP kernel that is configured in a production mode
(i.e., with no spinlock or other debugging functions enabled; if you want to
save memory taken up by in-core inodes, the first thing you should do is
disable the debugging options; they are responsible for a huge amount of bloat
in the VFS inode structure).
This patch:
The filesystem or device-specific pointer in the inode is inside a union,
which is pretty pointless given that all 30+ users of this field have been
using the void pointer. Get rid of the union and rename it to i_private, with
a comment to explain who is allowed to use the void pointer. This is just a
cleanup, but it allows us to reuse the union 'u' for something something where
the union will actually be used.
[judith@osdl.org: powerpc build fix]
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Judith Lebzelter <judith@osdl.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This reverts c182274ffe commit because it
required a newer version of udev to work properly than what is currently
documented in Documentation/Changes.
Cc: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch updates the USB core to save and pass the sending task secid when
sending signals upon AIO completion so that proper security checking can be
applied by security modules.
Signed-off-by: David Quigley <dpquigl@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This reverts commit 786dc1d3d7.
As Al so eloquently points out, the patch is crap. The old code was fine,
the new code was bogus.
It never dereferenced a user pointer, the "->" operator was to an array
member, which gives the _address_ of the member (in user space), not an
actual dereference at all.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This moves the usb class devices that control the usbfs nodes to show up
in the proper place in the larger device tree.
No userspace changes is needed, this is compatible due to the symlinks
generated by the driver core.
Cc: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
See http://bugzilla.kernel.org/show_bug.cgi?id=6617.
This function dereference a __user pointer.
Signed-off-by: Philippe Retornaz <couriousous@mandriva.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as699) adds usb_reset_composite_device(), a routine for
sending a USB port reset to a device with multiple interfaces owned by
different drivers. Drivers are notified about impending and completed
resets through two new methods in the usb_driver structure.
The patch modifieds the usbfs ioctl code to make it use the new routine
instead of usb_reset_device(). Follow-up patches will modify the hub,
usb-storage, and usbhid drivers so they can utilize this new API.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch increases an arbitrary limit on the size of
individual isochronous packets submitted via usbfs. The
limit is still arbitrary, but it's now large enough to
support the maximum packet size used by high-bandwidth
isochronous transfers.
Signed-off-by: Micah Dowty <micah@vmware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch removes the artificial 4088-byte limit that usbfs
currently places on Control transfers. The USB spec does not
specify a strict limit on the size of an entire control transfer.
It does, however, state that the data stage "follows the same
protocol rules as bulk transfers." (USB 2, 8.5.3)
The level of support for large control transfers in real host
controllers varies, but it's important to support at least 4K
transfers. Windows enforces a maximum control transfer size
of 4K, so there exists some hardware that requires a full 4096
byte data stage. Without this patch, we fall short of that by
8 bytes on architectures with a 4K page size, and it becomes
impossible to support such hardware with a user-space driver.
Since any limit placed on control transfers by usbfs would be
arbitrary, this patch replaces the PAGE_SIZE limit with the same
arbitrary limit used by bulk transfers.
Signed-off-by: Micah Dowty <micah@vmware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
check_ctrlrecip() disallows any control transfers if the device is
deconfigured (in configuration 0, ie. state ADDRESS). This for example
makes it impossible to read the device descriptors without configuring the
device, although most standard device requests are allowed in this state by
the spec. This patch allows control transfers for the ADDRESS state, too.
Signed-off-by: Horst Schirmeier <horst@schirmeier.com>
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: David Brownell <david-b@pacbell.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
drivers/usb/core/devio.c: In function `usbdev_read':
drivers/usb/core/devio.c:140: error: invalid type argument of `->'
drivers/usb/core/devio.c:141: error: invalid type argument of `->'
drivers/usb/core/devio.c:142: error: invalid type argument of `->'
drivers/usb/core/devio.c:143: error: invalid type argument of `->'
Cc: Oliver Neukum <oliver@neukum.org>
Cc: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
this is a small optimisation. It is ridiculous to do a kmalloc for
18 bytes. This puts it onto the stack.
Signed-off-by: Oliver Neukum <oliver@neukum.name>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as605) removes the private udev->serialize semaphore,
relying instead on the locking provided by the embedded struct device's
semaphore. The changes are confined to the core, except that the
usb_trylock_device routine now uses the return convention of
down_trylock rather than down_read_trylock (they return opposite values
for no good reason).
A couple of other associated changes are included as well:
Now that we aren't concerned about HCDs that avoid using the
hcd glue layer, usb_disconnect no longer needs to acquire the
usb_bus_lock -- that can be done by usb_remove_hcd where it
belongs.
Devices aren't locked over the same scope of code in
usb_new_device and hub_port_connect_change as they used to be.
This shouldn't cause any trouble.
Along with the preceding driver core patch, this needs a lot of testing.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
drivers/usb/core/devio.c: In function `proc_ioctl_compat':
drivers/usb/core/devio.c:1401: warning: passing arg 1 of `compat_ptr' makes integer from pointer without a cast
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
drivers/usb/core/devio.c: In function `proc_ioctl_compat':
drivers/usb/core/devio.c:1401: warning: passing arg 1 of `compat_ptr' makes integer from pointer without a cast
NFI if this is correct...
Cc: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch (as590) fixes up all the remaining places where usbcore can
use kzalloc rather than kmalloc/memset.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The previous patch adding the ability to nest struct class_device
changed the paramaters to the call class_device_create(). This patch
fixes up all in-kernel users of the function.
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
All the same issues - we can't just save the pointer to the thread, we
must save the pid/uid/euid combination.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
If a process issues an URB from userspace and (starts to) terminate
before the URB comes back, we run into the issue described above. This
is because the urb saves a pointer to "current" when it is posted to the
device, but there's no guarantee that this pointer is still valid
afterwards.
In fact, there are three separate issues:
1) the pointer to "current" can become invalid, since the task could be
completely gone when the URB completion comes back from the device.
2) Even if the saved task pointer is still pointing to a valid task_struct,
task_struct->sighand could have gone meanwhile.
3) Even if the process is perfectly fine, permissions may have changed,
and we can no longer send it a signal.
So what we do instead, is to save the PID and uid's of the process, and
introduce a new kill_proc_info_as_uid() function.
Signed-off-by: Harald Welte <laforge@gnumonks.org>
[ Fixed up types and added symbol exports ]
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch (as554) makes the hub driver disconnect any child USB devices
when it is unbound from a hub. Normally this will never happen, but
there are a few oddball ways to unbind the hub driver while leaving the
children intact. For example, the new "unbind" sysfs attribute can be
used for this purpose.
Given that unbinding hubs with children is now safe, the patch also
removes the code that prevented people from doing so using usbfs.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as551) fixes another little problem recently added to the
USB core. Someone didn't fix the type of the first argument to
unregister_chrdev_region.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch introduces a /sys/class/usb_device/ class
where every connected usb-device will show up:
tree /sys/class/usb_device/
/sys/class/usb_device/
|-- usb1.1
| |-- dev
| `-- device -> ../../../devices/pci0000:00/0000:00:1d.0/usb1
|-- usb2.1
| |-- dev
| `-- device -> ../../../devices/pci0000:00/0000:00:1d.1/usb2
...
The presence of the "dev" file lets udev create real device nodes.
kay@pim:~/src/linux-2.6> tree /dev/bus/usb/
/dev/bus/usb/
|-- 1
| `-- 1
|-- 2
| `-- 1
...
udev rule:
SUBSYSTEM="usb_device", PROGRAM="/sbin/usb_device %k", NAME="%c"
(echo $1 | /bin/sed 's/usb\([0-9]*\)\.\([0-9]*\)/bus\/usb\/\1\/\2/')
This makes libusb pick up the real nodes instead of the mounted usbfs:
export USB_DEVFS_PATH=/dev/bus/usb
Background:
All this makes it possible to manage usb devices with udev instead of
the devfs solution. We are currently working on a pam_console/resmgr
replacement driven by udev and a pam-helper. It applies ACL's to device
nodes, which is required for modern desktop functionalty like
"Fast User Switching" or multiple local login support.
New patch with its own major. I've succesfully disabled usbfs and use real
nodes only on my box. With: "export USB_DEVFS_PATH=/dev/bus/usb" libusb picks
up the udev managed nodes instead of reading usbfs files.
This makes udev to provide symlinks for libusb to pick up:
SUBSYSTEM="usb_device", PROGRAM="/sbin/usbdevice %k", SYMLINK="%c"
/sbin/usbdevice:
#!/bin/sh
echo $1 | /bin/sed 's/usbdev\([0-9]*\)\.\([0-9]*\)/bus\/usb\/\1\/\2/'
Signed-off-by: Kay Sievers <kay.sievers@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch fixes an information leak in the usbfs snoop facility:
uninitialized data from __get_free_page can be returned to userspace and
written to the system log. It also improves the snoop output by printing
the wLength value.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch turns a user mode driver error into a hard error, and updates
the relevant diagnostic slightly to help troubleshooting. gphoto was
known to have this problem, hopefully it is now fixed (they have had
plenty of warning...)
This had been left as a soft error to give various user mode drivers a
change to be properly fixed, with the statement that starting in about
2.6.10 it would be changed. It had been mostly safe as a soft error ...
but that can not be guaranteed. Now that a year has passed, it's time to
really insist that the user mode drivers finally fix their relevant bugs.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Checking for NULL before calling kfree() is redundant. This patch removes
these redundant checks and also makes a few tiny whitespace changes.
Signed-off-by: Jesper Juhl <juhl-lkml@dif.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
I am sorry that the last patch about 32 bit compat ioctl on
64 bit kernel actually breaks the usbdevfs. That is on the current
BK tree. I am retarded.
Here is the patch to fix it. Tested with USB hard disk and webcam
in both 32bit compatible mode and native 64bit mode.
Again, sorry about that.
From: Christopher Li <chrisl@vmware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.
Let it rip!