lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2025022446-reliable-snugly-84e6@gregkh>
Date: Mon, 24 Feb 2025 10:51:04 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Prashanth K <prashanth.k@....qualcomm.com>
Cc: Kees Bakker <kees@...erbout.nl>,
	William McVicker <willmcvicker@...gle.com>,
	Marek Szyprowski <m.szyprowski@...sung.com>,
	linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org,
	stable@...r.kernel.org
Subject: Re: [PATCH] usb: gadget: Check bmAttributes only if configuration is
 valid

On Mon, Feb 24, 2025 at 02:53:59PM +0530, Prashanth K wrote:
> 
> 
> On 24-02-25 02:36 pm, Greg Kroah-Hartman wrote:
> > On Mon, Feb 24, 2025 at 02:26:04PM +0530, Prashanth K wrote:
> >> If the USB configuration is not valid, then avoid checking for
> >> bmAttributes to prevent null pointer deference.
> >>
> >> Cc: stable@...r.kernel.org
> >> Fixes: 40e89ff5750f ("usb: gadget: Set self-powered based on MaxPower and bmAttributes")
> >> Signed-off-by: Prashanth K <prashanth.k@....qualcomm.com>
> >> ---
> >>  drivers/usb/gadget/composite.c | 2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/drivers/usb/gadget/composite.c b/drivers/usb/gadget/composite.c
> >> index 4bcf73bae761..869ad99afb48 100644
> >> --- a/drivers/usb/gadget/composite.c
> >> +++ b/drivers/usb/gadget/composite.c
> >> @@ -1051,7 +1051,7 @@ static int set_config(struct usb_composite_dev *cdev,
> >>  		usb_gadget_set_remote_wakeup(gadget, 0);
> >>  done:
> >>  	if (power > USB_SELF_POWER_VBUS_MAX_DRAW ||
> >> -	    !(c->bmAttributes & USB_CONFIG_ATT_SELFPOWER))
> >> +	    (c && !(c->bmAttributes & USB_CONFIG_ATT_SELFPOWER)))
> >>  		usb_gadget_clear_selfpowered(gadget);
> >>  	else
> >>  		usb_gadget_set_selfpowered(gadget);
> >> -- 
> >> 2.25.1
> >>
> >>
> > 
> > Have you checked linux-next yet for this fix that was posted last week?
> > Does that not resolve the issue for you?
> > 
> > thanks,
> > 
> > greg k-h
> 
> I hope you are mentioning this one -
> https://lore.kernel.org/all/20250220120314.3614330-1-m.szyprowski@samsung.com/

Yes.

> The above patch fixes null pointer in composite_suspend(), I'm trying to
> address a similar bug which is present in set_config(), it gets exposed
> if the requested configuration is not present in cdev->configs.

Ah, missed that, sorry.  I'll go queue this up too.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ