Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp866611rwd; Thu, 8 Jun 2023 08:46:06 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7CFoi/xcdbvHbExfY/lu6YcqvlINetoxhtH/OwQBBy/UsdoL4mWKk2dARrzc/3v3hNJ+Ms X-Received: by 2002:a17:902:ea0e:b0:1b0:3576:c2a9 with SMTP id s14-20020a170902ea0e00b001b03576c2a9mr5233034plg.33.1686239166715; Thu, 08 Jun 2023 08:46:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686239166; cv=none; d=google.com; s=arc-20160816; b=POTR3OZc+MRdLHdbkF//OiF1keHEdekc6QE9vUXOBeaJVr26f/4LFRhAPxM6Z46pBY YQdTW8aiV44FEHcgYWAHbILXf7Q4aQiiWuCHXn0ub9dsppvCfhz4ixt8wxN5XsWu/+29 kYs4jXabjksntJxDxjf/P78bWDZ7Nbq5ygYq07TGZbTqoGP/i8rly73cYXZGYoySr5n3 mUMa7eQil6LV3PZcSBm6EPEc6pXbOOxPCI7pZhgtEnQP1U5LLMw6+ZSFCxSZNowIr5iQ EVslLXDWVo008cJPuv4D56/E08gLdqweVnLPX+8htsGdT4Its95UGA0fbBu/SacCkE/B cyDw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=TC0TXhaLCRSuJY7tBbOMifxAs1Hs0d2Wqq85FQz9kJk=; b=qvrq30NDWEo15nMpS32+BRo4LagsE/DsyKO8aGFqBoVQ74dn/cGdeCyE/+abuHJG88 e5vwnEaF0DAlsHSpyoEV8I1XgbXq+Ljyd16jUDU4O6SjZ7BSGYxVaDHOxDs+fZzVac32 xTWydr2ke/jRWDLDy1pjgiUiaw1c+gNmCavJLCRHgfG4e3dLfKebDO4y3ooe+eNgKj0N MsyfKV3zLBuyU6kovBbEqiJr9+8fNL5BgQq1F3U670aZ+LSlp3tk0T5QMBaMUQdaFddw rSaRORjkPibZSBhYxyHWh/a/0wi+J5NtGdrsVkaeJ9R2bYe3Q6g0xQC1cvwD2L1KWf92 83LQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id b10-20020a170902b60a00b001b03eebfe25si1187403pls.465.2023.06.08.08.45.52; Thu, 08 Jun 2023 08:46:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236309AbjFHP1N (ORCPT + 99 others); Thu, 8 Jun 2023 11:27:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54498 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234497AbjFHP1L (ORCPT ); Thu, 8 Jun 2023 11:27:11 -0400 Received: from netrider.rowland.org (netrider.rowland.org [192.131.102.5]) by lindbergh.monkeyblade.net (Postfix) with SMTP id 9314B2D46 for ; Thu, 8 Jun 2023 08:27:09 -0700 (PDT) Received: (qmail 265539 invoked by uid 1000); 8 Jun 2023 11:27:08 -0400 Date: Thu, 8 Jun 2023 11:27:08 -0400 From: Alan Stern To: Badhri Jagan Sridharan Cc: gregkh@linuxfoundation.org, colin.i.king@gmail.com, xuetao09@huawei.com, quic_eserrao@quicinc.com, water.zhangjiantao@huawei.com, francesco@dolcini.it, alistair@alistair23.me, stephan@gerhold.net, bagasdotme@gmail.com, luca@z3ntu.xyz, linux-usb@vger.kernel.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: Re: [PATCH v6 2/2] usb: gadget: udc: core: Prevent soft_connect_store() race Message-ID: <66a886aa-4b3d-421d-a229-8bb400c6fc8b@rowland.harvard.edu> References: <20230601031028.544244-1-badhri@google.com> <20230601031028.544244-2-badhri@google.com> <0bea99f1-cf66-4e80-b89b-41007c2ccfee@rowland.harvard.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 07, 2023 at 10:17:04PM -0700, Badhri Jagan Sridharan wrote: > On Wed, Jun 7, 2023 at 11:26 AM Alan Stern > wrote: > > > @@ -756,10 +772,12 @@ int usb_gadget_disconnect(struct usb_gadget > > *gadget) > > > if (!gadget->connected) > > > goto out; > > > > > > - if (gadget->deactivated) { > > > + if (gadget->deactivated || !gadget->udc->started) { > > > > Do you really need to add this extra test? After all, if the gadget > > isn't started then how could the previous test of gadget->connected > > possibly succeed? > > > > In fact, I suspect this entire section of code was always useless, since > > the gadget couldn't be connected now if it was already deactivated. > > > > Thanks Alan ! Will fix all other comments in v7 but not sure about this one. > Although the ->pullup() function will not be called, > -> connected flag could actually be set when the gadget is not started. > > - if (gadget->deactivated || !gadget->udc->allow_connect) { > + if (gadget->deactivated || !gadget->udc->allow_connect || > !gadget->udc->started) { > /* > * If gadget is deactivated we only save new state. > * Gadget will be connected automatically after activation. > + * > + * udc first needs to be started before gadget can be pulled up. > */ > gadget->connected = true; > > This could happen, for instance, when usb_udc_vbus_handler() is invoked > after soft_connect_store() disconnects the gadget. > Same applies to when usb_gadget_connect() is called after the gadget has > been deactivated through usb_gadget_deactivate(). > > This implies that the checks should be there, right ? Yes, you're right; the checks do need to be there. I had forgotten about these possible cases. Ignore that comment. Alan Stern