| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1350939400-27209-2-git-send-email-bjorn@mork.no>
Date: Mon, 22 Oct 2012 22:56:28 +0200
From: Bjørn Mork <bjorn@...k.no>
To: netdev@...r.kernel.org
Cc: linux-usb@...r.kernel.org, Oliver Neukum <oliver@...kum.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Alexey Orishko <alexey.orishko@...il.com>,
Greg Suarez <gpsuarez2512@...il.com>,
"Fangxiaozhi (Franko)" <fangxiaozhi@...wei.com>,
Dan Williams <dcbw@...hat.com>,
Aleksander Morgado <aleksander@...edo.com>,
Bjørn Mork <bjorn@...k.no>
Subject: [PATCH v2 net-next 01/13] net: cdc_ncm: workaround NTB input size firmware bug
Some devices do not support the 8 byte variants of the NTB input
size control messages despite announcing such support in their
NCM or MBIM functional descriptor.
According to the NCM specification, all devices must support the
4 byte variant regardless of whether or not the flag is set:
If bit D5 is set in the bmNetworkCapabilities field of
function’s NCM Functional Descriptor, the host may
set wLength either to 4 or to 8. If wLength is 4, the
function shall assume that wNtbInMaxDatagrams is to be
set to zero. If wLength is 8, then the function shall
use the provided value as the limit. The function shall
return an error response (a STALL PID) if wLength is set
to any other value.
We do not set wNtbInMaxDatagrams in any case, so we can just as
well unconditionally use the 4 byte variant without losing any
functionality. This works around the known firmware bug, and
simplifies the code considerably.
Signed-off-by: Bjørn Mork <bjorn@...k.no>
---
drivers/net/usb/cdc_ncm.c | 46 +++++++++++++--------------------------------
1 file changed, 13 insertions(+), 33 deletions(-)
diff --git a/drivers/net/usb/cdc_ncm.c b/drivers/net/usb/cdc_ncm.c
index 4cd582a..32bdf54 100644
--- a/drivers/net/usb/cdc_ncm.c
+++ b/drivers/net/usb/cdc_ncm.c
@@ -215,41 +215,21 @@ static u8 cdc_ncm_setup(struct cdc_ncm_ctx *ctx)
/* inform device about NTB input size changes */
if (ctx->rx_max != le32_to_cpu(ctx->ncm_parm.dwNtbInMaxSize)) {
+ __le32 *dwNtbInMaxSize;
- if (flags & USB_CDC_NCM_NCAP_NTB_INPUT_SIZE) {
- struct usb_cdc_ncm_ndp_input_size *ndp_in_sz;
-
- ndp_in_sz = kzalloc(sizeof(*ndp_in_sz), GFP_KERNEL);
- if (!ndp_in_sz) {
- err = -ENOMEM;
- goto size_err;
- }
-
- err = usb_control_msg(ctx->udev,
- usb_sndctrlpipe(ctx->udev, 0),
- USB_CDC_SET_NTB_INPUT_SIZE,
- USB_TYPE_CLASS | USB_DIR_OUT
- | USB_RECIP_INTERFACE,
- 0, iface_no, ndp_in_sz, 8, 1000);
- kfree(ndp_in_sz);
- } else {
- __le32 *dwNtbInMaxSize;
- dwNtbInMaxSize = kzalloc(sizeof(*dwNtbInMaxSize),
- GFP_KERNEL);
- if (!dwNtbInMaxSize) {
- err = -ENOMEM;
- goto size_err;
- }
- *dwNtbInMaxSize = cpu_to_le32(ctx->rx_max);
-
- err = usb_control_msg(ctx->udev,
- usb_sndctrlpipe(ctx->udev, 0),
- USB_CDC_SET_NTB_INPUT_SIZE,
- USB_TYPE_CLASS | USB_DIR_OUT
- | USB_RECIP_INTERFACE,
- 0, iface_no, dwNtbInMaxSize, 4, 1000);
- kfree(dwNtbInMaxSize);
+ dwNtbInMaxSize = kzalloc(sizeof(*dwNtbInMaxSize), GFP_KERNEL);
+ if (!dwNtbInMaxSize) {
+ err = -ENOMEM;
+ goto size_err;
}
+ *dwNtbInMaxSize = cpu_to_le32(ctx->rx_max);
+ err = usb_control_msg(ctx->udev,
+ usb_sndctrlpipe(ctx->udev, 0),
+ USB_CDC_SET_NTB_INPUT_SIZE,
+ USB_TYPE_CLASS | USB_DIR_OUT
+ | USB_RECIP_INTERFACE,
+ 0, iface_no, dwNtbInMaxSize, 4, 1000);
+ kfree(dwNtbInMaxSize);
size_err:
if (err < 0)
pr_debug("Setting NTB Input Size failed\n");
--
1.7.10.4
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists