Re: [PATCH v2] wifi: carl9170: add a proper sanity check for endpoints

[Christian Lamparter]

On 4/26/24 6:58 AM, Kalle Valo wrote:
> Christian Lamparter <chunkeey@xxxxxxxxx> writes:
>
> > On 4/22/24 8:33 PM, Nikita Zhandarovich wrote:
> > > Syzkaller reports [1] hitting a warning which is caused by presence
> > > of a wrong endpoint type at the URB sumbitting stage. While there
> > > was a check for a specific 4th endpoint, since it can switch types
> > > between bulk and interrupt, other endpoints are trusted implicitly.
> > > Similar warning is triggered in a couple of other syzbot issues [2].
> > > Fix the issue by doing a comprehensive check of all endpoints
> > > taking into account difference between high- and full-speed
> > > configuration.
> > > This patch has not been tested on real hardware.
> >
> > Oh, I've tested the original patch on real hardware ;). You can remove that line.
>
> BTW I can remove that line, no need to resend because of this.

finished testing v2 - it works, no surprise.

high-speed:
| [  188.470363] usb 3-14: new high-speed USB device number 4 using xhci_hcd
| [  188.661053] usb 3-14: New USB device found, idVendor=0846, idProduct=9010, bcdDevice= 1.06
| [  188.661056] usb 3-14: New USB device strings: Mfr=16, Product=32, SerialNumber=48
| [  188.661058] usb 3-14: Product: USB2.0 WLAN
| [  188.661059] usb 3-14: Manufacturer: ATHER
| [  188.661060] usb 3-14: SerialNumber: 12345
| [  188.783843] usb 3-14: reset high-speed USB device number 4 using xhci_hcd
| [  188.963408] usb 3-14: driver   API: 1.9.9 2016-02-15 [1-1]
| [  188.963412] usb 3-14: firmware API: 1.9.6 2012-07-07
| [  189.298218] ath: EEPROM regdomain: 0x0
| [  189.298221] ath: EEPROM indicates default country code should be used
| [  189.298222] ath: doing EEPROM country->regdmn map search
| [  189.298223] ath: country maps to regdmn code: 0x3a
| [  189.298224] ath: Country alpha2 being used: US
| [  189.298225] ath: Regpair used: 0x3a
| [  189.298290] ieee80211 phy2: Selected rate control algorithm 'minstrel_ht'
| [  189.301463] usb 3-14: Atheros AR9170 is registered as 'phy2'

full-speed:
| [  205.743314] usb 4-2: new full-speed USB device number 3 using ohci-pci
| [  205.990614] usb 4-2: not running at top speed; connect to a high speed hub
| [  206.029618] usb 4-2: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice= 1.06
| [  206.029621] usb 4-2: New USB device strings: Mfr=16, Product=32, SerialNumber=48
| [  206.029622] usb 4-2: Product: USB2.0 WLAN
| [  206.029623] usb 4-2: Manufacturer: ATHER
| [  206.029624] usb 4-2: SerialNumber: 12345
| [  206.209969] usb 4-2: reset full-speed USB device number 3 using ohci-pci
| [  206.471776] usb 4-2: driver   API: 1.9.9 2016-02-15 [1-1]
| [  206.471779] usb 4-2: firmware API: 1.9.6 2012-07-07
| [  206.885680] ath: EEPROM regdomain: 0x809c
| [  206.885684] ath: EEPROM indicates we should expect a country code
| [  206.885686] ath: doing EEPROM country->regdmn map search
| [  206.885687] ath: country maps to regdmn code: 0x52
| [  206.885689] ath: Country alpha2 being used: CN
| [  206.885691] ath: Regpair used: 0x52
| [  206.885794] ieee80211 phy3: Selected rate control algorithm 'minstrel_ht'
| [  206.888834] input: phy3 WPS Button as /devices/pci0000:00/0000:00:1c.3/0000:05:00.0/0000:06:01.0/usb4/4-2/4-2:1.0/ieee80211/phy3/input17
| [  206.892694] usb 4-2: Atheros AR9170 is registered as 'phy3'


Tested-by: Christian Lamparter <chunkeey@xxxxxxxxx>