lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.44L0.1509231024550.1670-100000@iolanthe.rowland.org>
Date:	Wed, 23 Sep 2015 10:30:21 -0400 (EDT)
From:	Alan Stern <stern@...land.harvard.edu>
To:	Felipe Tonello <eu@...ipetonello.com>
cc:	Peter Chen <peter.chen@...escale.com>,
	USB list <linux-usb@...r.kernel.org>,
	Kernel development list <linux-kernel@...r.kernel.org>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Felipe Balbi <balbi@...com>,
	Andrzej Pietrasiewicz <andrzej.p@...sung.com>
Subject: Re: [PATCH 2/3] usb: gadget: f_midi: free usb request when done

On Wed, 23 Sep 2015, Felipe Tonello wrote:

> Hi Peter,
> 
> On Wed, Sep 23, 2015 at 4:10 AM, Peter Chen <peter.chen@...escale.com> wrote:
> > On Tue, Sep 22, 2015 at 07:59:09PM +0100, Felipe F. Tonello wrote:
> >> req->actual == req->length means that there is no data left to enqueue,
> >> so free the request.
> >>
> >> Signed-off-by: Felipe F. Tonello <eu@...ipetonello.com>
> >> ---
> >>  drivers/usb/gadget/function/f_midi.c | 5 ++++-
> >>  1 file changed, 4 insertions(+), 1 deletion(-)
> >>
> >> diff --git a/drivers/usb/gadget/function/f_midi.c b/drivers/usb/gadget/function/f_midi.c
> >> index edb84ca..e92aff5 100644
> >> --- a/drivers/usb/gadget/function/f_midi.c
> >> +++ b/drivers/usb/gadget/function/f_midi.c
> >> @@ -258,7 +258,10 @@ f_midi_complete(struct usb_ep *ep, struct usb_request *req)
> >>               } else if (ep == midi->in_ep) {
> >>                       /* Our transmit completed. See if there's more to go.
> >>                        * f_midi_transmit eats req, don't queue it again. */
> >> -                     f_midi_transmit(midi, req);
> >> +                     if (req->actual < req->length)
> >> +                             f_midi_transmit(midi, req);
> >> +                     else
> >> +                             free_ep_req(ep, req);
> >>                       return;
> >>               }
> >
> > It is incorrect, if no reqeust in queue, how device knows when
> > the host sends data?
> 
> This is the complete function of the IN endpoint.
> 
> Actually I believe the proper patch is to enqueue this request again
> if req->actual < req->length is true. Because the data is still there,
> just not fully completed. Asking to transmit the request again will
> cause to read new data from ALSA MIDI module, which it can possibly
> steal data from a real ALSA request from f_midi_in_trigger. If that
> doesn't happen (req->length == 0), the request will be freed anyway.
> 
> Any thoughts?

Please pardon me for jumping in in the middle of a conversation.  I 
know practically zero about f_midi.  But nevertheless...

How can you ever have req->actual < req->length for a usb_request on an
IN endpoint?  The only way that can happen is if some sort of error or
exceptional event occurred, for example, if the transfer was cancelled
before it could run to completion.  In such cases I doubt that you
really want to retransmit the data.  Particularly since part of it
probably was received by the host -- do you really want to send that
part of the data a second time?

Don't bother to answer if this doesn't make any sense...

Alan Stern

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ