Re: [PATCH v2] usb: gadget: composite: Fix null pointer exception

[Greg KH <gregkh@linuxfoundation.org>]

On Mon, Nov 08, 2021 at 01:10:14PM +0000, 胡启航(Nick Hu) wrote:
> > -----Original Message-----
> > From: Greg KH <gregkh@linuxfoundation.org>
> > Sent: Monday, November 8, 2021 8:56 PM
> > To: 胡启航(Nick Hu) <huqihang@oppo.com>
> > Cc: balbi@kernel.org; peter.chen@kernel.org; linux-usb@vger.kernel.org;
> > linux-kernel@vger.kernel.org
> > Subject: Re: [PATCH v2] usb: gadget: composite: Fix null pointer exception
> > 
> > On Mon, Nov 08, 2021 at 12:42:24PM +0000, 胡启航(Nick Hu) wrote:
> > > > -----Original Message-----
> > > > From: Greg KH <gregkh@linuxfoundation.org>
> > > > Sent: Friday, November 5, 2021 8:45 PM
> > > > To: 胡启航(Nick Hu) <huqihang@oppo.com>
> > > > Cc: balbi@kernel.org; peter.chen@kernel.org;
> > > > linux-usb@vger.kernel.org; linux-kernel@vger.kernel.org
> > > > Subject: Re: [PATCH v2] usb: gadget: composite: Fix null pointer
> > > > exception
> > > >
> > > > On Fri, Nov 05, 2021 at 06:48:40PM +0800, Qihang Hu wrote:
> > > > > In the config_ep_by_speed_and_alt function, select the
> > > > > corresponding descriptor through g->speed, but the function driver
> > > > > may not support the corresponding speed. So, we need to check
> > > > > whether the function driver provides the corresponding speed
> > > > > descriptor when selecting the descriptor.
> > > > >
> > > > > [  237.708146]  android_work: sent uevent USB_STATE=CONNECTED [
> > > > > 237.712464]  kconfigfs-gadget gadget: super-speed config #1: b [
> > > > > 237.712487]  kUnable to handle kernel NULL pointer dereference at
> > > > virtual address 0000000000000000
> > > >
> > > > So this is an invalid driver causing this problem?  Or can this be
> > > > triggered by userspace?
> > >
> > > Yes, if the kernel is loaded with an interface driver that does not
> > > support all speeds, this problem can be triggered in userspace.
> > 
> > What in-kernel driver does not support all speeds that can trigger this?
> > 
> > Why not fix the drivers?
> 
> This problem is caused by android f_audio_source.c

That file should not be used anymore, please use the proper USB gadget
code for Android instead.  There is a reason that code was never merged
upstream.

> I think the core driver code should be improved to make it less susceptible to function-driven influence. 
> Of course, repairing the function driver is the fundamental solution to the problem.

There is no need to use that code at all, so you are trying to fix an
external driver's bug with a core kernel change.  That's not the best
thing to do here :)

> > > I have not submitted a BUG.
> > > I will study and submit a BUG as soon as possible.
> > 
> > I do not understand what you mean by this.  I am asking what commit caused
> > this problem so we can mark this one as fixing it.
> > 
> 
> This is a problem with Android's driver code.
> The kernel does not include it.

Great, then fix the android driver's code and then do not use it anymore :)

thanks,

greg k-h