From: Gerd Hoffmann <kraxel@redhat.com>
To: qemu-devel@nongnu.org
Cc: Gerd Hoffmann <kraxel@redhat.com>
Subject: [Qemu-devel] [PATCH 09/21] usb-ehci: sanity-check iso xfers
Date: Tue, 28 Feb 2012 11:20:18 +0100 [thread overview]
Message-ID: <1330424430-23015-10-git-send-email-kraxel@redhat.com> (raw)
In-Reply-To: <1330424430-23015-1-git-send-email-kraxel@redhat.com>
This patch adds a sanity check to itd processing to make sure the
endpoint addressed by the guest is actually an iso endpoint. Also
verify that usb drivers don't return USB_RET_ASYNC which is illegal for
iso xfers.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/usb-ehci.c | 16 ++++++++++------
1 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/hw/usb-ehci.c b/hw/usb-ehci.c
index b9da26a..048eb76 100644
--- a/hw/usb-ehci.c
+++ b/hw/usb-ehci.c
@@ -1459,12 +1459,16 @@ static int ehci_process_itd(EHCIState *ehci,
dev = ehci_find_device(ehci, devaddr);
ep = usb_ep_get(dev, pid, endp);
- usb_packet_setup(&ehci->ipacket, pid, ep);
- usb_packet_map(&ehci->ipacket, &ehci->isgl);
-
- ret = usb_handle_packet(dev, &ehci->ipacket);
-
- usb_packet_unmap(&ehci->ipacket);
+ if (ep->type == USB_ENDPOINT_XFER_ISOC) {
+ usb_packet_setup(&ehci->ipacket, pid, ep);
+ usb_packet_map(&ehci->ipacket, &ehci->isgl);
+ ret = usb_handle_packet(dev, &ehci->ipacket);
+ assert(ret != USB_RET_ASYNC);
+ usb_packet_unmap(&ehci->ipacket);
+ } else {
+ DPRINTF("ISOCH: attempt to addess non-iso endpoint\n");
+ ret = USB_RET_NAK;
+ }
qemu_sglist_destroy(&ehci->isgl);
#if 0
--
1.7.1
next prev parent reply other threads:[~2012-02-28 10:20 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-02-28 10:20 [Qemu-devel] [PULL] usb patch queue Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 01/21] usb-hid: fix tablet activation Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 02/21] usb-ehci: fix reset Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 03/21] usb-uhci: cleanup UHCIAsync allocation & initialization Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 04/21] usb-uhci: add UHCIQueue Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 05/21] usb-uhci: process uhci_handle_td return code via switch Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 06/21] usb-uhci: implement packet queuing Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 07/21] usb-xhci: enable " Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 08/21] usb: add tracepoint for usb packet state changes Gerd Hoffmann
2012-02-28 10:20 ` Gerd Hoffmann [this message]
2012-02-28 10:20 ` [Qemu-devel] [PATCH 10/21] usb-desc: fix user trigerrable segfaults (!config) Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 11/21] libcacard: link with glib for g_strndup Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 12/21] usb-ccid: advertise SELF_POWERED Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 13/21] libcacard: fix reported ATR length Gerd Hoffmann
2012-03-08 7:12 ` Wen Congyang
2012-03-08 8:15 ` Alon Levy
2012-02-28 10:20 ` [Qemu-devel] [PATCH 14/21] usb-ehci: Handle ISO packets failing with an error other then NAK Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 15/21] ehci: drop old stuff Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 16/21] usb-redir: Fix printing of device version Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 17/21] usb-redir: Always clear device state on filter reject Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 18/21] usb-redir: Let the usb-host know about our device filtering Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 19/21] usb-redir: Limit return values returned by iso packets Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 20/21] usb-redir: Return USB_RET_NAK when we've no data for an interrupt endpoint Gerd Hoffmann
2012-02-28 10:20 ` [Qemu-devel] [PATCH 21/21] usb: Resolve warnings about unassigned bus on usb device creation Gerd Hoffmann
2012-02-29 21:07 ` [Qemu-devel] [PULL] usb patch queue Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1330424430-23015-10-git-send-email-kraxel@redhat.com \
--to=kraxel@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).