[13/46] USB: serial: dont call release without attach
From: Greg KH
Date: Fri Oct 16 2009 - 13:26:09 EST
- Next message: Greg KH: "[19/46] arm, cris, mips, sparc, powerpc, um, xtensa: fix build with bash 4.0"
- Previous message: Greg KH: "[20/46] intel-iommu: Cope with broken HP DC7900 BIOS"
- In reply to: Greg KH: "[20/46] intel-iommu: Cope with broken HP DC7900 BIOS"
- Next in thread: Greg KH: "[19/46] arm, cris, mips, sparc, powerpc, um, xtensa: fix build with bash 4.0"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
2.6.31-stable review patch. If anyone has any objections, please let us know.
------------------
From: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
commit a4720c650b68a5fe7faed2edeb0ad12645f7ae63 upstream.
This patch (as1295) fixes a recently-added bug in the USB serial core.
If certain kinds of errors occur during probing, the core may call a
serial driver's release method without previously calling the attach
method. This causes some drivers (io_ti in particular) to perform an
invalid memory access.
The patch adds a new flag to keep track of whether or not attach has
been called.
Signed-off-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
Tested-by: Jean-Denis Girard <jd.girard@xxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
---
drivers/usb/serial/usb-serial.c | 6 +++++-
include/linux/usb/serial.h | 1 +
2 files changed, 6 insertions(+), 1 deletion(-)
--- a/drivers/usb/serial/usb-serial.c
+++ b/drivers/usb/serial/usb-serial.c
@@ -155,7 +155,8 @@ static void destroy_serial(struct kref *
if (serial->minor != SERIAL_TTY_NO_MINOR)
return_serial(serial);
- serial->type->release(serial);
+ if (serial->attached)
+ serial->type->release(serial);
/* Now that nothing is using the ports, they can be freed */
for (i = 0; i < serial->num_port_pointers; ++i) {
@@ -1060,12 +1061,15 @@ int usb_serial_probe(struct usb_interfac
module_put(type->driver.owner);
if (retval < 0)
goto probe_error;
+ serial->attached = 1;
if (retval > 0) {
/* quietly accept this device, but don't bind to a
serial port as it's about to disappear */
serial->num_ports = 0;
goto exit;
}
+ } else {
+ serial->attached = 1;
}
if (get_free_serial(serial, num_ports, &minor) == NULL) {
--- a/include/linux/usb/serial.h
+++ b/include/linux/usb/serial.h
@@ -148,6 +148,7 @@ struct usb_serial {
struct usb_interface *interface;
unsigned char disconnected:1;
unsigned char suspending:1;
+ unsigned char attached:1;
unsigned char minor;
unsigned char num_ports;
unsigned char num_port_pointers;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- Next message: Greg KH: "[19/46] arm, cris, mips, sparc, powerpc, um, xtensa: fix build with bash 4.0"
- Previous message: Greg KH: "[20/46] intel-iommu: Cope with broken HP DC7900 BIOS"
- In reply to: Greg KH: "[20/46] intel-iommu: Cope with broken HP DC7900 BIOS"
- Next in thread: Greg KH: "[19/46] arm, cris, mips, sparc, powerpc, um, xtensa: fix build with bash 4.0"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]