From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.186.70.92] (port=40546 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1ORrEG-0000RA-8u for qemu-devel@nongnu.org; Thu, 24 Jun 2010 14:32:49 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69) (envelope-from ) id 1ORrED-0006Dw-MI for qemu-devel@nongnu.org; Thu, 24 Jun 2010 14:32:48 -0400 Received: from mail-gx0-f173.google.com ([209.85.161.173]:46383) by eggs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1ORrED-0006Dq-K1 for qemu-devel@nongnu.org; Thu, 24 Jun 2010 14:32:45 -0400 Received: by gxk25 with SMTP id 25so934192gxk.4 for ; Thu, 24 Jun 2010 11:32:44 -0700 (PDT) Message-ID: <4C23A4E1.3080806@gmail.com> Date: Thu, 24 Jun 2010 14:33:05 -0400 From: TJ MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: [Qemu-devel] Fwd: [PATCH] Guest OS hangs on usb_add List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org This is a small patch to sligtly "intelligentify" usb device and config descriptor parsing and to handle bug with certain usb device reporting device desriptor length as 0x18 (instead of 18) --- hw/usb.h | 5 +++++ usb-linux.c | 36 +++++++++++++++++++++--------------- 2 files changed, 26 insertions(+), 15 deletions(-) diff --git a/hw/usb.h b/hw/usb.h index 00d2802..5c3528f 100644 --- a/hw/usb.h +++ b/hw/usb.h @@ -117,6 +117,11 @@ #define USB_DT_INTERFACE 0x04 #define USB_DT_ENDPOINT 0x05 +#define USB_DT_DEVICE_LEN 18 +#define USB_DT_CONFIG_LEN 9 +#define USB_DT_INTERFACE_LEN 9 +#define USB_DT_ENDPOINT_LEN 7 + #define USB_ENDPOINT_XFER_CONTROL 0 #define USB_ENDPOINT_XFER_ISOC 1 #define USB_ENDPOINT_XFER_BULK 2 diff --git a/usb-linux.c b/usb-linux.c index 88273ff..3ff0856 100644 --- a/usb-linux.c +++ b/usb-linux.c @@ -288,7 +288,7 @@ static void async_cancel(USBPacket *unused, void *opaque) static int usb_host_claim_interfaces(USBHostDevice *dev, int configuration) { - int dev_descr_len, config_descr_len; + int dev_descr_len, config_descr_total_len; int interface, nb_interfaces; int ret, i; @@ -297,32 +297,38 @@ static int usb_host_claim_interfaces(USBHostDevice *dev, int configuration) DPRINTF("husb: claiming interfaces. config %d\n", configuration); - i = 0; dev_descr_len = dev->descr[0]; - if (dev_descr_len > dev->descr_len) { + if (dev_descr_len == 0x18) + dev_descr_len = USB_DT_DEVICE_LEN; /* for buggy device(s) reporting len in hex */ + + if (dev_descr_len > dev->descr_len || dev_descr_len < USB_DT_DEVICE_LEN || dev->descr[1] != USB_DT_DEVICE) { + fprintf(stderr, "husb: invalid device descriptor\n"); goto fail; } - i += dev_descr_len; - while (i < dev->descr_len) { + for (i = dev_descr_len; i < dev->descr_len; ) { DPRINTF("husb: i is %d, descr_len is %d, dl %d, dt %d\n", i, dev->descr_len, dev->descr[i], dev->descr[i+1]); - if (dev->descr[i+1] != USB_DT_CONFIG) { - i += dev->descr[i]; - continue; + if (dev->descr[i] < 2) { + fprintf(stderr, "husb: invalid descriptor\n"); + goto fail; } - config_descr_len = dev->descr[i]; + if (dev->descr[i+1] == USB_DT_CONFIG) { + config_descr_total_len = dev->descr[i+2] + (dev->descr[i+3] << 8); - printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration); + printf("husb: config #%d need %d\n", dev->descr[i + 5], configuration); - if (configuration < 0 || configuration == dev->descr[i + 5]) { - configuration = dev->descr[i + 5]; - break; - } + if (configuration < 0 || configuration == dev->descr[i + 5]) { + configuration = dev->descr[i + 5]; + break; + } - i += config_descr_len; + i += config_descr_total_len; + } + else + i += dev->descr[i]; } if (i >= dev->descr_len) {