[<prev] [next>] [day] [month] [year] [list]
Message-ID: <2025031402-fastness-humming-e87c@gregkh>
Date: Fri, 14 Mar 2025 06:44:54 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: daixin_tkzc <daixin_tkzc@....com>
Cc: Alan Stern <stern@...land.harvard.edu>,
matthew dharm <mdharm-usb@...-eyed-alien.net>,
linux-usb@...r.kernel.org, usb-storage@...ts.one-eyed-alien.net,
linux-kernel@...r.kernel.org
Subject: Re: Re:[PATCH] usb: storage: Fix `us->iobuf` size for BOT
transmission to prevent memory overflow
On Fri, Mar 14, 2025 at 10:28:41AM +0800, daixin_tkzc wrote:
> How us->iobuf overflow could occur?
>
> For 1), the USB device does not know that a Babble Error has occurred at this time (DWC_otg knows what happened), It actually continuously returns 512 bytes data through DMA write to CSW address (As can be seen in the waveform in the appendix document before). The DWC_otg controller driver cannot control how much data the device returns(13 or 512 bytes). However, the USB storage driver pre-allocates a default buffer size of 64 bytes for CBW/CSW.
If this really is true, it is a bug in the dwc driver. Please fix it
there, otherwise you will have to modify every single USB driver in
Linux to have a larger buffer size, not just the storage one.
thanks,
greg k-h
Powered by blists - more mailing lists