after usb_ep_queue() if wait_for_completion_interruptible() is
interrupted we need to wait until IRQ gets finished.
Otherwise complete() from epio_complete() can corrupt stack.
Signed-off-by: Jozef Martiniak <[email protected]>
---
drivers/usb/gadget/legacy/inode.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/usb/gadget/legacy/inode.c b/drivers/usb/gadget/legacy/inode.c
index 79990597c39f..01c3ead7d1b4 100644
--- a/drivers/usb/gadget/legacy/inode.c
+++ b/drivers/usb/gadget/legacy/inode.c
@@ -362,6 +362,7 @@ ep_io (struct ep_data *epdata, void *buf, unsigned len)
spin_unlock_irq (&epdata->dev->lock);
DBG (epdata->dev, "endpoint gone\n");
+ wait_for_completion(&done);
epdata->status = -ENODEV;
}
}
--
2.25.1
On Fri, Jul 08, 2022 at 09:06:44AM +0200, Jozef Martiniak wrote:
> after usb_ep_queue() if wait_for_completion_interruptible() is
> interrupted we need to wait until IRQ gets finished.
>
> Otherwise complete() from epio_complete() can corrupt stack.
>
> Signed-off-by: Jozef Martiniak <[email protected]>
What commit id does this fix?
thanks,
greg k-h
The first commit 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
pi 8. 7. 2022 o 9:19 Greg Kroah-Hartman <[email protected]> napĂsal(a):
>
> On Fri, Jul 08, 2022 at 09:06:44AM +0200, Jozef Martiniak wrote:
> > after usb_ep_queue() if wait_for_completion_interruptible() is
> > interrupted we need to wait until IRQ gets finished.
> >
> > Otherwise complete() from epio_complete() can corrupt stack.
> >
> > Signed-off-by: Jozef Martiniak <[email protected]>
>
> What commit id does this fix?
>
> thanks,
>
> greg k-h
On Fri, Jul 08, 2022 at 09:06:44AM +0200, Jozef Martiniak wrote:
> after usb_ep_queue() if wait_for_completion_interruptible() is
> interrupted we need to wait until IRQ gets finished.
This should say "request" or "I/O request", not "IRQ". Not a big deal.
>
> Otherwise complete() from epio_complete() can corrupt stack.
>
> Signed-off-by: Jozef Martiniak <[email protected]>
> ---
Acked-by: Alan Stern <[email protected]>
> drivers/usb/gadget/legacy/inode.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/drivers/usb/gadget/legacy/inode.c b/drivers/usb/gadget/legacy/inode.c
> index 79990597c39f..01c3ead7d1b4 100644
> --- a/drivers/usb/gadget/legacy/inode.c
> +++ b/drivers/usb/gadget/legacy/inode.c
> @@ -362,6 +362,7 @@ ep_io (struct ep_data *epdata, void *buf, unsigned len)
> spin_unlock_irq (&epdata->dev->lock);
>
> DBG (epdata->dev, "endpoint gone\n");
> + wait_for_completion(&done);
> epdata->status = -ENODEV;
> }
> }
> --
> 2.25.1
>