Re: [PATCH] usbnet.c, buf.overrun crash-bugfix, Kernel 2.6.12-rc1

From: David Brownell
Date: Thu Mar 24 2005 - 13:26:31 EST

Next message: Bjorn Helgaas: "Re: [ACPI] Re: Fw: Anybody? 2.6.11 (stable and -rc) ACPI breaks USB"
Previous message: Segher Boessenkool: "Re: [PATCH] ppc32/64: Map prefetchable PCI without guarded bit"
In reply to: Jakemuksen spammiosote: "Re: [PATCH] usbnet.c, buf.overrun crash-bugfix, Kernel 2.6.12-rc1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 24 March 2005 10:13 am, Jakemuksen spammiosote wrote:
> On Thu, 24 Mar 2005, David Brownell wrote:
> > On Thursday 24 March 2005 8:05 am, Jakemuksen spammiosote wrote:
>
> >> + if (unlikely((skb->tail + urb->actual_length) > skb->end)) {
> >
> > This logic looks wrong. If that ever happens, surely the problem is
> > that the rx_submit() code submitted an urb with transfer_size that
> > mismatched the SKB. The host controller isn't allowed to overrun the
>
> Sounds reasonable. So, I'll go thru the HCD code

Better yet, start with the code supporting that device you're
under NDA for.

> instead if the
> responsibility is there. Am i the first one to run into such crash
> situation? If so, perhaps it's not ever worthy to fix in mainstream
> kernel, as the device causes the crash under very specific -
> 'abusing' one might say, situation only.

You're the first one to report such a problem.

- Dave
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bjorn Helgaas: "Re: [ACPI] Re: Fw: Anybody? 2.6.11 (stable and -rc) ACPI breaks USB"
Previous message: Segher Boessenkool: "Re: [PATCH] ppc32/64: Map prefetchable PCI without guarded bit"
In reply to: Jakemuksen spammiosote: "Re: [PATCH] usbnet.c, buf.overrun crash-bugfix, Kernel 2.6.12-rc1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]