[linux-usb-devel] Artificial limits in usbfs

[Micah Dowty]

Hi,

Some months ago I raised my concerns about artificial
limits in usbfs, by submitting two very simple patches:

http://article.gmane.org/gmane.linux.usb.devel/40811
http://article.gmane.org/gmane.linux.usb.devel/40812

The issue hasn't been resolved yet, so I'd like to briefly
restate the points made thus far and solicit any further
comments on the issue.

The proc_do_submiturb() implementation in devio.c tests
URBs against several arbitrary limits. The two I'm most
concerned about are:

1.
   /* min 8 byte setup packet, max arbitrary */
   if (uurb->buffer_length < 8 || uurb->buffer_length > PAGE_SIZE)
           return -EINVAL;

2.
   if (isopkt[u].length > 1023) {
           kfree(isopkt);
           return -EINVAL;
   }

The limit in (1) makes it impossible to write userspace
drivers for devices which require a full 4K of data in
their control transfers. The limit in (2) makes it
impossible to support high-bandwidth USB 2.0 isochronous
transfers from userspace.

My solution was to bump (1) from PAGE_SIZE to PAGE_SIZE*2,
and (2) from 1023 to 6144, but both suggestions were
relatively arbitrary.

David Brownell suggested replacing the limit in (1) with
4K+8 bytes, and he pointed out that the test in (2) should
respect the device's descriptors. That started a discussion
on whether the tests in devio.c should enforce validity
according to the USB spec, or whether they should simply
prevent userspace code from causing overflows or unusually
large kmalloc()s.

I would submit that it isn't the usbfs layer's job to
enforce the USB spec. There are two reasons for this:

- Some USB devices are broken, and it should still be
  possible to write drivers for them on Linux- even
  user-space drivers.

- Any portions of the USB spec that Linux does choose
  to enforce should be enforced in the main URB submit
  paths, rather than at the usbfs layer. The class of
  URBs which kernel code can submit but userlevel code
  cannot submit should be limited only to those which
  have a danger of affecting system stability.

I'd be very interested to hear more opinions on this
issue.

--Micah


-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid0709&bid&3057&dat1642
_______________________________________________
linux-usb-devel@lists.sourceforge.net
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel