From: Marek Vasut <marex@denx.de>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v2] usb: xhci: Fix a potential NULL pointer dereference
Date: Tue, 18 Aug 2015 15:56:45 +0200 [thread overview]
Message-ID: <201508181556.45881.marex@denx.de> (raw)
In-Reply-To: <CAPEA6daK+-MzPKDXeWyx7dMMQ-usC868FrLS_w1Z-D6PL8u+UA@mail.gmail.com>
On Tuesday, August 18, 2015 at 02:16:12 PM, Sergei Temerkhanov wrote:
> On Sun, Aug 16, 2015 at 7:55 PM, Marek Vasut <marex@denx.de> wrote:
> > On Saturday, August 15, 2015 at 12:28:10 AM, Sergei Temerkhanov wrote:
> >> On Fri, Aug 14, 2015 at 11:46 PM, Marek Vasut <marex@denx.de> wrote:
> >> > On Friday, August 14, 2015 at 05:14:09 PM, Sergey Temerkhanov wrote:
> >> >> This patch fixes a potential NULL pointer dereference arising on
> >> >> non-present/non-initialized xHCI controllers and adds some error
> >> >> handling to xHCI code
> >> >>
> >> >> Signed-off-by: Sergey Temerkhanov <s.temerkhanov@gmail.com>
> >> >> Signed-off-by: Radha Mohan Chintakuntla <rchintakuntla@cavium.com>
> >> >>
> >> >> ---
> >> >>
> >> >> Changes in v2:
> >> >> - Add return value check with setting hccr and hcor to NULL
> >> >>
> >> >> drivers/usb/host/xhci.c | 15 +++++++++++----
> >> >> 1 file changed, 11 insertions(+), 4 deletions(-)
> >> >>
> >> >> diff --git a/drivers/usb/host/xhci.c b/drivers/usb/host/xhci.c
> >> >> index 0b09643..f8e2d70 100644
> >> >> --- a/drivers/usb/host/xhci.c
> >> >> +++ b/drivers/usb/host/xhci.c
> >> >> @@ -199,7 +199,7 @@ int xhci_reset(struct xhci_hcor *hcor)
> >> >>
> >> >> int ret;
> >> >>
> >> >> /* Halting the Host first */
> >> >>
> >> >> - debug("// Halt the HC\n");
> >> >> + debug("// Halt the HC: %p\n", hcor);
> >> >>
> >> >> state = xhci_readl(&hcor->or_usbsts) & STS_HALT;
> >> >> if (!state) {
> >> >>
> >> >> cmd = xhci_readl(&hcor->or_usbcmd);
> >> >>
> >> >> @@ -1079,6 +1079,11 @@ int usb_lowlevel_init(int index, enum
> >> >> usb_init_type init, void **controller)
> >> >>
> >> >> *controller = &xhcic[index];
> >> >>
> >> >> + if (ret) {
> >> >> + ctrl->hccr = NULL;
> >> >> + ctrl->hcor = NULL;
> >> >
> >> > Controller should be set to NULL too, for the sake of being completely
> >> > precise, don't you think so ?
> >>
> >> Maybe. Though the only place it's actually used at the moment (there
> >> is also some USB gadget stuff
> >> which seems to rely on EHCI) passes a pointer to a local variable and
> >> checks the return value.
> >
> > I think it might be even better to shuffle the code around a little, so
> > that controller is only set if ret == 0. Can you please do this last
> > bit and send a V3 ? I'd like to pick the patch then. Thanks!
>
> Please see the v3 of this patch
Hi,
I saw it, it's OK and I'll pick it shortly. Thanks!
Best regards,
Marek Vasut
prev parent reply other threads:[~2015-08-18 13:56 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-08-14 15:14 [U-Boot] [PATCH v2] usb: xhci: Fix a potential NULL pointer dereference Sergey Temerkhanov
2015-08-14 20:46 ` Marek Vasut
2015-08-14 22:28 ` Sergei Temerkhanov
2015-08-16 16:55 ` Marek Vasut
2015-08-18 12:16 ` Sergei Temerkhanov
2015-08-18 13:56 ` Marek Vasut [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201508181556.45881.marex@denx.de \
--to=marex@denx.de \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.