[PATCH 4.4 038/113] USB: hub: fix up early-exit pathway in hub_activate

From: Greg Kroah-Hartman
Date: Mon Sep 05 2016 - 13:27:37 EST


4.4-stable review patch. If anyone has any objections, please let me know.

------------------

From: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>

commit ca5cbc8b02f9b21cc8cd1ab36668763ec34f9ee8 upstream.

The early-exit pathway in hub_activate, added by commit e50293ef9775
("USB: fix invalid memory access in hub_activate()") needs
improvement. It duplicates code that is already present at the end of
the subroutine, and it neglects to undo the effect of a
usb_autopm_get_interface_no_resume() call.

This patch fixes both problems by making the early-exit pathway jump
directly to the end of the subroutine. It simplifies the code at the
end by merging two conditionals that actually test the same condition
although they appear different: If type < HUB_INIT3 then type must be
either HUB_INIT2 or HUB_INIT, and it can't be HUB_INIT because in that
case the subroutine would have exited earlier.

Signed-off-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
Reviewed-by: Viresh Kumar <viresh.kumar@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
drivers/usb/core/hub.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)

--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
@@ -1039,11 +1039,8 @@ static void hub_activate(struct usb_hub
device_lock(hub->intfdev);

/* Was the hub disconnected while we were waiting? */
- if (hub->disconnected) {
- device_unlock(hub->intfdev);
- kref_put(&hub->kref, hub_release);
- return;
- }
+ if (hub->disconnected)
+ goto disconnected;
if (type == HUB_INIT2)
goto init2;
goto init3;
@@ -1265,12 +1262,12 @@ static void hub_activate(struct usb_hub
/* Scan all ports that need attention */
kick_hub_wq(hub);

- /* Allow autosuspend if it was suppressed */
- if (type <= HUB_INIT3)
+ if (type == HUB_INIT2 || type == HUB_INIT3) {
+ /* Allow autosuspend if it was suppressed */
+ disconnected:
usb_autopm_put_interface_async(to_usb_interface(hub->intfdev));
-
- if (type == HUB_INIT2 || type == HUB_INIT3)
device_unlock(hub->intfdev);
+ }

kref_put(&hub->kref, hub_release);
}