UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/drivers
History
Eli Billauer 5cff754692 char: xillybus: Check USB endpoints when probing device 
commit 2374bf7558de915edc6ec8cb10ec3291dfab9594 upstream.

Ensure, as the driver probes the device, that all endpoints that the
driver may attempt to access exist and are of the correct type.

All XillyUSB devices must have a Bulk IN and Bulk OUT endpoint at
address 1. This is verified in xillyusb_setup_base_eps().

On top of that, a XillyUSB device may have additional Bulk OUT
endpoints. The information about these endpoints' addresses is deduced
from a data structure (the IDT) that the driver fetches from the device
while probing it. These endpoints are checked in setup_channels().

A XillyUSB device never has more than one IN endpoint, as all data
towards the host is multiplexed in this single Bulk IN endpoint. This is
why setup_channels() only checks OUT endpoints.

Reported-by: syzbot+eac39cba052f2e750dbe@syzkaller.appspotmail.com
Cc: stable <stable@kernel.org>
Closes: https://lore.kernel.org/all/0000000000001d44a6061f7a54ee@google.com/T/
Fixes: a53d1202ae ("char: xillybus: Add driver for XillyUSB (Xillybus variant for USB)").
Signed-off-by: Eli Billauer <eli.billauer@gmail.com>
Link: https://lore.kernel.org/r/20240816070200.50695-2-eli.billauer@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2024-08-29 17:33:11 +02:00
..
accel kthread: add kthread_stop_put 2024-06-12 11:12:52 +02:00
accessibility speakup: Fix sizeof() vs ARRAY_SIZE() bug 2024-06-12 11:11:18 +02:00
acpi Revert "ACPI: EC: Evaluate orphan _REG under EC device" 2024-08-29 17:33:10 +02:00
amba
android binder: fix hang of unregistered readers 2024-08-03 08:54:21 +02:00
ata Revert "ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error" 2024-08-19 06:04:31 +02:00
atm
auxdisplay auxdisplay: ht16k33: Drop reference after LED registration 2024-08-03 08:54:39 +02:00
base driver core: Fix uevent_show() vs driver detach race 2024-08-14 13:58:56 +02:00
bcma
block rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings 2024-08-03 08:54:32 +02:00
bluetooth Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading 2024-08-14 13:58:44 +02:00
bus bus: mhi: host: Add MHI_PM_SYS_ERR_FAIL state 2024-04-13 13:07:38 +02:00
cache cache: ax45mp_cache: Align end size to cache boundary in ax45mp_dma_cache_wback() 2024-03-01 13:35:08 +01:00
cdrom cdrom: rearrange last_media_change check to avoid unintentional overflow 2024-07-11 12:49:10 +02:00
cdx
char char: xillybus: Check USB endpoints when probing device 2024-08-29 17:33:11 +02:00
clk clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use 2024-08-03 08:54:23 +02:00
clocksource clocksource/drivers/sh_cmt: Address race condition for clock events 2024-08-14 13:58:41 +02:00
comedi comedi: vmk80xx: fix incomplete endpoint checking 2024-04-27 17:11:39 +02:00
connector
counter counter: ti-eqep: enable clock at probe 2024-07-05 09:33:56 +02:00
cpufreq cpufreq: qcom-nvmem: fix memory leaks in probe error paths 2024-08-11 12:47:14 +02:00
cpuidle cpuidle: Avoid potential overflow in integer multiplication 2024-04-13 13:07:29 +02:00
crypto crypto: qat - extend scope of lock in adf_cfg_add_key_value_param() 2024-08-03 08:54:01 +02:00
cxl cxl/region: check interleave capability 2024-07-05 09:34:07 +02:00
dax
dca
devfreq
dio
dma dmaengine: fsl-edma: change the memory access from local into remote mode in i.MX 8QM 2024-08-11 12:47:17 +02:00
dma-buf dma-buf: handle testing kthreads creation failure 2024-06-21 14:38:40 +02:00
edac EDAC, i10nm: make skx_common.o a separate module 2024-08-03 08:53:19 +02:00
eisa
extcon extcon: max8997: select IRQ_DOMAIN instead of depending on it 2024-06-12 11:12:27 +02:00
firewire firewire: ohci: fulfill timestamp for some local asynchronous transaction 2024-05-17 12:02:30 +02:00
firmware firmware/sysfb: Update screen_info for relocated EFI framebuffers 2024-08-11 12:47:16 +02:00
fpga fpga: region: add owner module and take its refcount 2024-06-12 11:12:23 +02:00
fsi
gnss
gpio gpio: prevent potential speculation leaks in gpio_device_get_desc() 2024-08-14 13:58:40 +02:00
gpu nouveau: set placement to original placement on uvmm validate. 2024-08-14 13:59:03 +02:00
greybus greybus: Fix use-after-free bug in gb_interface_release due to race condition. 2024-06-21 14:38:48 +02:00
hid HID: wacom: Modify pen IDs 2024-08-11 12:47:24 +02:00
hsi
hte
hv Drivers: hv: vmbus: Don't free ring buffers that couldn't be re-encrypted 2024-05-17 12:02:17 +02:00
hwmon hwmon: corsair-psu: add USB id of HX1200i Series 2023 psu 2024-08-14 13:58:41 +02:00
hwspinlock
hwtracing coresight: Fix ref leak when of_coresight_parse_endpoint() fails 2024-08-03 08:53:57 +02:00
i2c i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume 2024-08-14 13:58:52 +02:00
i3c i3c: master: svc: fix invalidate IBI type and miss call client IBI handler 2024-06-16 13:47:46 +02:00
idle
iio iio: frequency: adrf6780: rm clk provider include 2024-08-03 08:53:56 +02:00
infiniband RDMA/iwcm: Fix a use-after-free related to destroying CM IDs 2024-08-03 08:54:30 +02:00
input Revert "Input: bcm5974 - check endpoint type before starting traffic" 2024-08-19 06:04:31 +02:00
interconnect interconnect: qcom: qcm2290: Fix mas_snoc_bimc RPM master ID 2024-08-03 08:53:58 +02:00
iommu iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en 2024-08-03 08:54:41 +02:00
ipack
irqchip irqchip/xilinx: Fix shift out of bounds 2024-08-14 13:58:58 +02:00
isdn mISDN: fix MISDN_TIME_STAMP handling 2024-08-19 06:04:28 +02:00
leds leds: triggers: Flush pending brightness before activating trigger 2024-08-11 12:47:14 +02:00
macintosh macintosh/therm_windtunnel: fix module unload. 2024-08-03 08:54:02 +02:00
mailbox
mcb
md md/raid5: avoid BUG_ON() while continue reshape after reassembling 2024-08-14 13:58:41 +02:00
media media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" 2024-08-19 06:04:31 +02:00
memory memory: fsl_ifc: Make FSL_IFC config visible and selectable 2024-08-03 08:53:27 +02:00
memstick
message
mfd mfd: omap-usb-tll: Use struct_size to allocate tll 2024-08-03 08:53:54 +02:00
misc Revert "misc: fastrpc: Restrict untrusted app to attach to privileged PD" 2024-08-29 17:33:10 +02:00
mmc mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() 2024-07-05 09:33:55 +02:00
most
mtd ubi: eba: properly rollback inside self_check_eba 2024-08-03 08:54:23 +02:00
mux
net pppoe: Fix memory leak in pppoe_sendmsg() 2024-08-19 06:04:27 +02:00
nfc nfc/nci: Add the inconsistency check between the input data length and count 2024-07-11 12:49:21 +02:00
ntb NTB: fix possible name leak in ntb_register_device() 2024-03-26 18:19:48 -04:00
nubus
nvdimm
nvme nvme/pci: Add APST quirk for Lenovo N60z laptop 2024-08-19 06:04:24 +02:00
nvmem nvmem: rockchip-otp: set add_legacy_fixed_of_cells config option 2024-08-03 08:54:01 +02:00
of of/irq: Disable "interrupt-map" parsing for PASEMI Nemo 2024-07-25 09:50:57 +02:00
opp OPP: ti: Fix ti_opp_supply_probe wrong return values 2024-08-03 08:53:27 +02:00
parisc
parport dev/parport: fix the array out-of-bounds risk 2024-08-03 08:54:22 +02:00
pci PCI: Add pci_get_base_class() helper 2024-08-11 12:47:15 +02:00
pcmcia
peci
perf perf: riscv: Fix selecting counters in legacy mode 2024-08-11 12:47:23 +02:00
phy phy: zynqmp: Enable reference clock correctly 2024-08-03 08:54:35 +02:00
pinctrl pinctrl: renesas: r8a779g0: Fix TPU suffixes 2024-08-03 08:54:09 +02:00
platform platform/x86/intel/ifs: Initialize union ifs_status to zero 2024-08-14 13:58:38 +02:00
pmdomain pmdomain: qcom: rpmhpd: Skip retention level for Power Domains 2024-07-18 13:21:22 +02:00
pnp
power power: supply: axp288_charger: Round constant_charge_voltage writes down 2024-08-14 13:58:58 +02:00
powercap powercap: intel_rapl_tpmi: Fix System Domain probing 2024-04-03 15:28:19 +02:00
pps
ps3
ptp ptp: fix integer overflow in max_vclocks_store 2024-06-27 13:49:07 +02:00
pwm pwm: atmel-tcb: Fix race condition and convert to guards 2024-08-03 08:53:23 +02:00
rapidio
ras
regulator regulator: bd71815: fix ramp values 2024-06-27 13:49:09 +02:00
remoteproc remoteproc: imx_rproc: Fix refcount mistake in imx_rproc_addr_init 2024-08-03 08:54:31 +02:00
reset
rpmsg
rtc rtc: abx80x: Fix return value of nvmem callback on read 2024-08-03 08:54:29 +02:00
s390 s390/sclp: Prevent release of buffer in I/O 2024-08-14 13:58:47 +02:00
sbus
scsi scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES 2024-08-14 13:58:55 +02:00
sh
siox
slimbus slimbus: qcom-ngd-ctrl: Add timeout for wait operation 2024-05-17 12:02:33 +02:00
soc drivers: soc: xilinx: check return status of get_api_version() 2024-08-03 08:54:18 +02:00
soundwire soundwire: cadence: fix invalid PDI offset 2024-06-12 11:12:15 +02:00
spi spi: spi-fsl-lpspi: Fix scldiv calculation 2024-08-14 13:58:52 +02:00
spmi spmi: hisi-spmi-controller: Do not override device identifier 2024-06-21 14:38:40 +02:00
ssb ssb: Fix potential NULL pointer dereference in ssb_device_uevent() 2024-06-27 13:49:01 +02:00
staging greybus: arche-ctrl: move device table to its right location 2024-06-12 11:12:17 +02:00
target scsi: target: Fix SELinux error when systemd-modules loads the target module 2024-05-17 12:02:15 +02:00
tc
tee tee: optee: ffa: Fix missing-field-initializers warning 2024-07-25 09:50:53 +02:00
thermal thermal/drivers/broadcom: Fix race between removal and clock disable 2024-08-11 12:47:12 +02:00
thunderbolt thunderbolt: debugfs: Fix margin debugfs node creation condition 2024-06-21 14:38:25 +02:00
tty tty: atmel_serial: use the correct RTS flag. 2024-08-29 17:33:10 +02:00
ufs scsi: ufs: core: Fix hba->last_dme_cmd_tstamp timestamp updating logic 2024-08-14 13:58:55 +02:00
uio uio_hv_generic: Don't free decrypted memory 2024-05-17 12:02:17 +02:00
usb Revert "usb: typec: tcpm: clear pd_event queue in PORT_RESET" 2024-08-29 17:33:10 +02:00
vdpa vduse: Temporarily fail if control queue feature requested 2024-07-05 09:33:50 +02:00
vfio vfio/pci: Init the count variable in collecting hot-reset devices 2024-07-18 13:21:10 +02:00
vhost vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler 2024-08-14 13:58:55 +02:00
video fbdev: vesafb: Detect VGA compatibility from screen info's VESA attributes 2024-08-11 12:47:16 +02:00
virt drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() 2024-06-12 11:12:09 +02:00
virtio virtio: delete vq in vp_find_vqs_msix() when request_irq() fails 2024-06-12 11:12:49 +02:00
vlynq
w1 nvmem: add explicit config option to read old syntax fixed OF cells 2024-05-17 12:01:55 +02:00
watchdog watchdog: rzg2l_wdt: Check return status of pm_runtime_put() 2024-08-03 08:54:35 +02:00
xen xen: privcmd: Switch from mutex to spinlock for irqfds 2024-08-14 13:58:42 +02:00
zorro
Kconfig
Makefile