Hi Greg,
I found 2 issues when I was developing USB Audio gadget driver.
Please take a look.
Thanks
-Bryan
Signed-off-by: Bryan Wu <[email protected]>
---
drivers/usb/gadget/composite.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/usb/gadget/composite.c b/drivers/usb/gadget/composite.c
index f2da026..363951e 100644
--- a/drivers/usb/gadget/composite.c
+++ b/drivers/usb/gadget/composite.c
@@ -772,7 +772,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl)
f = cdev->config->interface[w_index];
if (!f)
break;
- if (w_value && !f->get_alt)
+ if (w_value && !f->set_alt)
break;
value = f->set_alt(f, w_index, w_value);
break;
--
1.5.6
In some usb gadget driver, for example usb audio class device, the high
byte of w_index is the entity id and low byte is the interface number.
If we use the 2 bytes of w_index as the array number, we will get a
wrong pointer or NULL pointer.
This patch fixes this issue.
Signed-off-by: Bryan Wu <[email protected]>
---
drivers/usb/gadget/composite.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/drivers/usb/gadget/composite.c b/drivers/usb/gadget/composite.c
index 363951e..5d11c29 100644
--- a/drivers/usb/gadget/composite.c
+++ b/drivers/usb/gadget/composite.c
@@ -683,6 +683,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl)
struct usb_request *req = cdev->req;
int value = -EOPNOTSUPP;
u16 w_index = le16_to_cpu(ctrl->wIndex);
+ u8 intf = w_index & 0xFF;
u16 w_value = le16_to_cpu(ctrl->wValue);
u16 w_length = le16_to_cpu(ctrl->wLength);
struct usb_function *f = NULL;
@@ -769,7 +770,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl)
goto unknown;
if (!cdev->config || w_index >= MAX_CONFIG_INTERFACES)
break;
- f = cdev->config->interface[w_index];
+ f = cdev->config->interface[intf];
if (!f)
break;
if (w_value && !f->set_alt)
@@ -781,7 +782,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl)
goto unknown;
if (!cdev->config || w_index >= MAX_CONFIG_INTERFACES)
break;
- f = cdev->config->interface[w_index];
+ f = cdev->config->interface[intf];
if (!f)
break;
/* lots of interfaces only need altsetting zero... */
@@ -808,7 +809,7 @@ unknown:
*/
if ((ctrl->bRequestType & USB_RECIP_MASK)
== USB_RECIP_INTERFACE) {
- f = cdev->config->interface[w_index];
+ f = cdev->config->interface[intf];
if (f && f->setup)
value = f->setup(f, ctrl);
else
--
1.5.6
On Wednesday 07 January 2009, Bryan Wu wrote:
> Signed-off-by: Bryan Wu <[email protected]>
Include a real patch comment -- "test the *correct* function
pointer" would suffice, and:
Acked-by: David Brownell <[email protected]>
> ---
> drivers/usb/gadget/composite.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/drivers/usb/gadget/composite.c b/drivers/usb/gadget/composite.c
> index f2da026..363951e 100644
> --- a/drivers/usb/gadget/composite.c
> +++ b/drivers/usb/gadget/composite.c
> @@ -772,7 +772,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl)
> f = cdev->config->interface[w_index];
> if (!f)
> break;
> - if (w_value && !f->get_alt)
> + if (w_value && !f->set_alt)
> break;
> value = f->set_alt(f, w_index, w_value);
> break;
> --
> 1.5.6
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-usb" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
On Wednesday 07 January 2009, Bryan Wu wrote:
> In some usb gadget driver, for example usb audio class device, the high
> byte of w_index is the entity id and low byte is the interface number.
> If we use the 2 bytes of w_index as the array number, we will get a
> wrong pointer or NULL pointer.
>
> This patch fixes this issue.
>
> Signed-off-by: Bryan Wu <[email protected]>
Acked-by: David Brownell <[email protected]>
> ---
> drivers/usb/gadget/composite.c | 7 ++++---
> 1 files changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/usb/gadget/composite.c b/drivers/usb/gadget/composite.c
> index 363951e..5d11c29 100644
> --- a/drivers/usb/gadget/composite.c
> +++ b/drivers/usb/gadget/composite.c
> @@ -683,6 +683,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl)
> struct usb_request *req = cdev->req;
> int value = -EOPNOTSUPP;
> u16 w_index = le16_to_cpu(ctrl->wIndex);
> + u8 intf = w_index & 0xFF;
> u16 w_value = le16_to_cpu(ctrl->wValue);
> u16 w_length = le16_to_cpu(ctrl->wLength);
> struct usb_function *f = NULL;
> @@ -769,7 +770,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl)
> goto unknown;
> if (!cdev->config || w_index >= MAX_CONFIG_INTERFACES)
> break;
> - f = cdev->config->interface[w_index];
> + f = cdev->config->interface[intf];
> if (!f)
> break;
> if (w_value && !f->set_alt)
> @@ -781,7 +782,7 @@ composite_setup(struct usb_gadget *gadget, const struct usb_ctrlrequest *ctrl)
> goto unknown;
> if (!cdev->config || w_index >= MAX_CONFIG_INTERFACES)
> break;
> - f = cdev->config->interface[w_index];
> + f = cdev->config->interface[intf];
> if (!f)
> break;
> /* lots of interfaces only need altsetting zero... */
> @@ -808,7 +809,7 @@ unknown:
> */
> if ((ctrl->bRequestType & USB_RECIP_MASK)
> == USB_RECIP_INTERFACE) {
> - f = cdev->config->interface[w_index];
> + f = cdev->config->interface[intf];
> if (f && f->setup)
> value = f->setup(f, ctrl);
> else
> --
> 1.5.6
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-usb" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>