lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250414101850.2d6becf2@foxbook>
Date: Mon, 14 Apr 2025 10:18:50 +0200
From: Michal Pecio <michal.pecio@...il.com>
To: Mathias Nyman <mathias.nyman@...el.com>, Greg Kroah-Hartman
 <gregkh@...uxfoundation.org>
Cc: Jonathan Bell <jonathan@...pberrypi.org>, Oliver Neukum
 <oneukum@...e.com>, linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 0/1] usb: xhci: Don't trust the EP Context cycle bit when
 moving HW dequeue

Hi,

I ran into an annoying bug in VIA hardware, where Endpoint Context
state is not updated when it's supposed to and Set TR Dequeue issued
by the driver sets wrong cycle state and the endpoint stops working.

This can be triggered by stalls, which are relatively common:
- some card readers without a card inserted
- disk I/O errors
- failing SMART commands, possibly issued by daemons like udisks2

I knew immediately what to do, because it's a known bug and Raspberry
Pi has a fix for it, which they submitted upstream but it got reverted
later. The revert is puzzling, because it was a boot issue, happening
before the changed code is supposed to run.

If the problem wasn't misdiagnozed and blamed on a wrong patch, I can
imagine the workaround could put the chip in a bad state which caused
problems after rebooting. The commit surely had a blatant endian bug
and VL805 is prone to locking up hard under some unclear conditions.

This is my attempt at a simpler, and hopefully correct, solution.
I tried to come up with something stable-friendly, but the patch is
not marked for stable becasue it wouldn't compile anyway. If there
is interest in having this in stable, we can trivially backport it
(a matter of end_trb/last_trb rename) and submit later.

Regards,
Michal

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ