When the new_id entry is used for a foreign USB device, rtlwifi BUGS with
a NULL pointer dereference.
Signed-off-by: Larry Finger <[email protected]>
Cc: Stable <[email protected]>
---
John,
Although this patch should be backported to stable kernels, the new_id
feature is rarely used, thus the patch should not have any particular
priority.
Larry
---
drivers/net/wireless/rtlwifi/usb.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/drivers/net/wireless/rtlwifi/usb.c b/drivers/net/wireless/rtlwifi/usb.c
index d42bbe2..77a7517 100644
--- a/drivers/net/wireless/rtlwifi/usb.c
+++ b/drivers/net/wireless/rtlwifi/usb.c
@@ -977,6 +977,9 @@ int rtl_usb_probe(struct usb_interface *intf,
rtl_dbgp_flag_init(hw);
/* Init IO handler */
_rtl_usb_io_handler_init(&udev->dev, hw);
+ if (!rtlpriv->cfg || !rtlpriv->cfg->ops ||
+ !rtlpriv->cfg->ops->read_chip_version)
+ return -ENODEV;
rtlpriv->cfg->ops->read_chip_version(hw);
/*like read eeprom and so on */
rtlpriv->cfg->ops->read_eeprom_info(hw);
--
1.8.1
On 02/05/2013 06:18 PM, Ben Hutchings wrote:
> On Tue, 2013-02-05 at 18:00 -0600, Larry Finger wrote:
>> When the new_id entry is used for a foreign USB device, rtlwifi BUGS with
>> a NULL pointer dereference.
> [...]
>
> So set no_dynamic_id in the usb_driver structures.
>
> (But I wonder why USB behaves differently from PCI, which requires that
> the dynamic ID's driver_data value (defaulting to 0) matches a value
> used in a static ID entry.)
I don't know why USB differs from PCI, but we do need the dynamic ID here as
there are always new IDs being issued. One of the criteria for adding the ID to
the table is that it works OK with dynamic addition. These devices are
frequently reported by users that do not have the skills to build their own kernel.
Larry
On Tue, 2013-02-05 at 18:00 -0600, Larry Finger wrote:
> When the new_id entry is used for a foreign USB device, rtlwifi BUGS with
> a NULL pointer dereference.
[...]
So set no_dynamic_id in the usb_driver structures.
(But I wonder why USB behaves differently from PCI, which requires that
the dynamic ID's driver_data value (defaulting to 0) matches a value
used in a static ID entry.)
Ben.
--
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.
On Wed, 2013-02-06 at 01:16 +0000, Ben Hutchings wrote:
> > I don't know why USB differs from PCI, but we do need the dynamic ID here as
> > there are always new IDs being issued. One of the criteria for adding the ID to
> > the table is that it works OK with dynamic addition. These devices are
> > frequently reported by users that do not have the skills to build their own kernel.
>
> But since there is no way to set the driver_info for a new USB ID
> (again, unlike PCI), your change will reject all dynamic IDs. (And in
> any case, if the USB core were changed to allow setting driver_info,
> userland would have difficulty providing a valid pointer!)
>
> It looks like the driver_info is really driver-specific data used to
> share a probe function between multiple drivers. But you could add
> per-driver probe functions that pass the correct rtl_hal_cfg as an extra
> argument to rtl_usb_probe(), and then dynamic IDs should work.
Some (PCI?) drivers had/have numbers instead of pointers, so userland
can provide a number and it then looks up the pointer in an array.
That's only slightly indirected but makes new_id more useful in that
case.
johannes
On Tue, 2013-02-05 at 18:44 -0600, Larry Finger wrote:
> On 02/05/2013 06:18 PM, Ben Hutchings wrote:
> > On Tue, 2013-02-05 at 18:00 -0600, Larry Finger wrote:
> >> When the new_id entry is used for a foreign USB device, rtlwifi BUGS with
> >> a NULL pointer dereference.
> > [...]
> >
> > So set no_dynamic_id in the usb_driver structures.
> >
> > (But I wonder why USB behaves differently from PCI, which requires that
> > the dynamic ID's driver_data value (defaulting to 0) matches a value
> > used in a static ID entry.)
>
> I don't know why USB differs from PCI, but we do need the dynamic ID here as
> there are always new IDs being issued. One of the criteria for adding the ID to
> the table is that it works OK with dynamic addition. These devices are
> frequently reported by users that do not have the skills to build their own kernel.
But since there is no way to set the driver_info for a new USB ID
(again, unlike PCI), your change will reject all dynamic IDs. (And in
any case, if the USB core were changed to allow setting driver_info,
userland would have difficulty providing a valid pointer!)
It looks like the driver_info is really driver-specific data used to
share a probe function between multiple drivers. But you could add
per-driver probe functions that pass the correct rtl_hal_cfg as an extra
argument to rtl_usb_probe(), and then dynamic IDs should work.
Ben.
--
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.