lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CALdjXpAzE3o7Bwdvj1TvsBRpDWDe1FZ8LsmL5q0suxYnRJCOaA@mail.gmail.com>
Date:   Sat, 31 Jul 2021 09:52:09 +1000
From:   Michael <msbroadf@...il.com>
To:     Shuah Khan <skhan@...uxfoundation.org>
Cc:     valentina.manea.m@...il.com, shuah@...nel.org,
        gregkh@...uxfoundation.org, linux-usb@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] vhci_hcd: USB port can get stuck in the disabled state

Yes i think just adding the VDEV_ST_USED check in addition to the
VDEV_ST_NOT_ASSIGNED state is fine and would fix the issue.

After many years of writing virtualhere (a similar system to usb/ip
but cross-platform and different non-kernel way of doing it server
side) I've seen many drivers that issue reset at any time. Loading
firmware is usually the reason.  Also sometimes switching
configurations requires a reset also, for example some gaming wheels
do this. I don't think you should make this VDEV_ST_USED check
specific to Wifi devices, as a lot of devices don't follow too closely
to the USB protocol to begin with from my experience. They primarily
base their USB interactions assuming the windows platform and its
quirks.

On Sat, 31 Jul 2021 at 08:52, Shuah Khan <skhan@...uxfoundation.org> wrote:
>
> On 7/23/21 5:58 PM, Michael wrote:
> > Here is the lsusb on the client when the device fails to attach
> > ---------------------------------------
> > michael@...ntu:~$ lsusb
> > Bus 006 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
> > Bus 005 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
> > Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
> > Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
> > Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
> > Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
> >
> >
> > Here is the lsusb on the host before use
> > -----------------------------------------------------
> > pi@...pberrypi:~ $ lsusb
> > Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
> > Bus 001 Device 003: ID 045e:02e6 Microsoft Corp. Wireless XBox Controller Dongle
> > Bus 001 Device 002: ID 2109:3431 VIA Labs, Inc. Hub
> > Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
> >
>
> Sorry for the delay on this. I had to make time to do some research on
> usb_reset_device() calls from probe routines.
>
>  From what you said in another email:
>
> "The device is in the  VDEV_ST_USED state when a reset occurs and so its
> never re-enabled"
>
> Right if device is in VDEV_ST_USED state, vhci treats reset as invalid.
>
> Your commit log says:
>
> "When a remote usb device is attached to the local Virtual USB
> Host Controller Root Hub port, the bound device driver may send a
> port reset command. For example to initialize firmware (eg. btusb does this).
> This port reset command can be sent at any time, however the VHCI hcd
> root hub is only expecting reset to occur before the device receives
> SET_ADDRESS. The USB port should always be enabled after a reset
> (because the port is virtual and there is no possibility of hardware errors)"
>
> It appears btusb driver issues reset as a workaround: btusb_setup_intel()
>
>         /* The controller has a bug with the first HCI command sent to it
>           * returning number of completed commands as zero. This would stall the
>           * command processing in the Bluetooth core.
>           *
>           * As a workaround, send HCI Reset command first which will reset the
>           * number of completed commands and allow normal command processing
>           * from now on.
>           */
>
> Another "Toggle the hard reset line" workaround for Realtek devices:
> See btusb_rtl_cmd_timeout()
>
> Both of these cases are workarounds. Is this what you are referring to about
> btusb doing reset?
>
> Specific to this bug report and mt76, other network/wireless usb drivers
> call usb_reset_device() from their probe routines unconditionally. These
> are the calls from normal paths and not fw load/error paths.
>
> rtl8152_probe(), carl9170_usb_probe(), mt7663u_probe() and so on. Looking
> at these probe routines, it appears some of them do that to avoid problems
> in disconnect path.
>
> I have two questions:
> - Is it necessary to do usb_reset_device() in net/wireless usb driver
>    probe routines?
> - Are these legit calls according to protocol?
>
> If yes, we can look into changing vhci to handle this case for net/wireless
> usb drivers. I would not delete the check though. I would add VDEV_ST_USED
> check in addition to VDEV_ST_NOTASSIGNED with some comments on why this is
> necessary.
>
> Furthermore there is a bug in the line pr_err("vhci_device speed not set\n");
> (L479) because resetting a full-speed device is not an error.
>
> This is a separate issue is separate. vhci is missing USB_SPEED_FULL checks
> at various places. This has to be done as a separate work.
>
> thanks,
> -- Shuah
>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ