On Mon, 30 Jul 2007 17:06:16 -0400 (EDT), Alan Stern <[EMAIL PROTECTED]> wrote:

> --- usb-2.6.orig/drivers/usb/core/urb.c
> +++ usb-2.6/drivers/usb/core/urb.c
> @@ -309,7 +309,21 @@ int usb_submit_urb(struct urb *urb, gfp_
>       xfertype = usb_endpoint_type(&ep->desc);
> -     is_out = usb_pipeout(urb->pipe);
> +     if (xfertype == USB_ENDPOINT_XFER_CONTROL) {
> +             struct usb_ctrlrequest *setup =
> +                             (struct usb_ctrlrequest *) urb->setup_packet;
> +
> +             if (!setup)
> +                     return -ENOEXEC;
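
Review bot: The `if (!setup)` check makes a NULL `setup_packet` on a control URB a hard `-ENOEXEC` failure at submit time, and nothing in the hunk says why or documents the new return value. A short comment at the check pointing to the usb.h requirement that `setup_packet` must still be set, plus an entry for `-ENOEXEC` in the `usb_submit_urb()` documentation, would let driver authors who hit this understand it. The test also only rejects a NULL pointer; a non-NULL but stale or unmapped `setup_packet` still passes it, so any use of `setup` after this point depends on the driver having supplied a valid kernel pointer.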

I welcome this. I should be able to rip some code out of usbmon now.

The comment in usb.h says:
 *  (Note
 * that transfer_buffer and setup_packet must still be set because not all
 * host controllers use DMA, nor do virtual root hubs).

But in case of data, this happens when a driver attempts to set up DMA
with a highmem page without doing a kmap first. I think we never enforced
the above comment. And I think that I managed to oops usbmon by dereferencing
garbage in transfer_buffer before but I may not remember right.
But the setup packet should be mapped to be used, right? There's no
good reason for setup_packet not to be mapped, right?

-- Pete

linux-usb-devel@lists.sourceforge.net