lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <D6DB9C7EDECDA944B870F62B587008622C8A42@NL-EXC-06.intra.local>
Date:	Mon, 22 Nov 2010 11:20:55 +0100
From:	"Robert Lukassen" <Robert.Lukassen@...tom.com>
To:	"Jef Driesen" <jefdriesen@...enet.be>, "Greg KH" <greg@...ah.com>
Cc:	"David Brownell" <dbrownell@...rs.sourceforge.net>,
	"Greg Kroah-Hartman" <gregkh@...e.de>, <linux-usb@...r.kernel.org>,
	<linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] USB: g_serial: Allow to override the default VID/PID

Hi,

I just revisited the patch I submitted and I can see that it needs 
fixing. The intention of the patch was to provide the idVendor & 
idProduct kernel module parameter overrides to the individual 
functions at 'bind()' time. Prior to the patch, the overrides were 
done after the bind, making it hard for individual functions to 
determine the correct value for idVendor (some functions may need 
to use that value, e.g. USB audio when it registers itself
as an ALSA device; it would want to use the same Vendor id).

The patch makes sure that that happens, however, right after the bind()
the patched values are lost due to the copying of the gadget specific
device descriptor. Here's the snippet from 2.6.34:

 999        usb_gadget_set_selfpowered(gadget);
1000

1001        /* interface and string IDs start at zero via kzalloc.
1002         * we force endpoints to start unassigned; few controller
1003         * drivers will zero ep->driver_data.
1004         */
1005        usb_ep_autoconfig_reset(cdev->gadget);
1006
1007        /* composite gadget needs to assign strings for whole device (like
1008         * serial number), register function drivers, potentially update
1009         * power state and consumption, etc
1010         */
1011        status = composite->bind(cdev);
1012        if (status < 0)
1013                goto fail;
1014
1015        cdev->desc = *composite->dev;
1016        cdev->desc.bMaxPacketSize0 = gadget->ep0->maxpacket;
1017
1018        /* standardized runtime overrides for device ID data */
1019        if (idVendor)
1020                cdev->desc.idVendor = cpu_to_le16(idVendor);
1021        if (idProduct)
1022                cdev->desc.idProduct = cpu_to_le16(idProduct);
1023        if (bcdDevice)
1024                cdev->desc.bcdDevice = cpu_to_le16(bcdDevice);
1025

In line 1015, the composite device descriptor is copied to the cdev->desc
field. Then the values get patched.

My patch just moved lines 1018-1024, so that the functions could access
the patched values. The ill side effect is that these patched values
are lost when the *composite->dev (== device descriptor) is copied 
in line 1015.

It would seem that the patch should also have moved lines 1015-1016 in front 
of the composite->bind(cdev) call.

It would require all composite gadgets (such as serial.c) and all functions
(such as f_acm.c) to do any modifications to the device descriptor as passed 
to them in the 'bind' call. For functions that is natural, as they should be
unaware of the gadget that uses them. 

The composite gadgets such as 'serial' seem to deal with it differently.
The serial.c gadget refers to the device descriptor as 'device_desc', and it
is a static struct. It references it in its 'init' function (which is ok, it is
prior to the registration point) and in the gs_bind() call. At that point it should
probably not be using 'device_desc', but cdev->desc.

I think we can go one of two ways. I'd be happy to go over the composite gadgets and 
change their use of their device descriptors, such that they use cdev->desc at
bind() time. Combining that with the moving the copying of the *composite->dev
to before calling 'composite->bind()' would make things consistent.

The other way is reverting my original patch. For those functions that need access
to the overridden idVendor/idProduct code, we'll need to work out another
(generic) solution.

Robert 

> -----Original Message-----
> From: Jef Driesen [mailto:jefdriesen@...enet.be] 
> Sent: Sunday, November 21, 2010 12:03 AM
> To: Greg KH
> Cc: Robert Lukassen; David Brownell; Greg Kroah-Hartman; 
> linux-usb@...r.kernel.org; linux-kernel@...r.kernel.org
> Subject: Re: [PATCH] USB: g_serial: Allow to override the 
> default VID/PID
> 
> On 20/11/10 01:12, Greg KH wrote:
> > On Sat, Nov 20, 2010 at 12:32:34AM +0100, Jef Driesen wrote:
> >> Override the default VID/PID if custom values are supplied through 
> >> the idVendor and idProduct kernel module parameters.
> >>
> >> Signed-off-by: Jef Driesen<jefdriesen@...enet.be>
> >
> > So this patch resolves the bug found in
> > 1ab83238740ff1e1773d5c13ecac43c60cf4aec4 which showed up in 
> .35-rc1, 
> > right?
> 
> Yes, although I'm really sure it is the best way to fix the 
> problem. The way I understand this code is that before that 
> commit, the idVendor/idProduct/bcdDevice module parameters 
> where set after the bind(). Thus whatever was set as the 
> default there got replaced with the values of the module 
> parameters. Exactly what I would consider the correct 
> behavior. After the commit, they get set before bind(), where 
> they are changed back to the hardcoded values, which I think 
> is wrong. My patch sets them back to the right values, but 
> maybe it makes more sense to not set the default values in 
> the first place (if there are already values in place of 
> course). But I didn't knew how to accomplish that.
> 
> There might be similar problems for the other gadget drivers 
> as well. I haven't checked that.
> 
> >> ---
> >>   drivers/usb/gadget/serial.c |    5 +++++
> >>   1 files changed, 5 insertions(+), 0 deletions(-)
> >>
> >> diff --git a/drivers/usb/gadget/serial.c 
> >> b/drivers/usb/gadget/serial.c index f46a609..77b410e 100644
> >> --- a/drivers/usb/gadget/serial.c
> >> +++ b/drivers/usb/gadget/serial.c
> >> @@ -271,6 +271,11 @@ static int __init init(void)
> >>   	}
> >>   	strings_dev[STRING_DESCRIPTION_IDX].s = 
> >> serial_config_driver.label;
> >>
> >> +	if (idVendor)
> >> +		device_desc.idVendor = idVendor;
> >> +	if (idProduct)
> >> +		device_desc.idProduct = idProduct;
> >> +
> >>   	return usb_composite_register(&gserial_driver);
> >>   }
> >>   module_init(init);
> >> --
> >> 1.7.1
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ