The problem with remembering a user space process by its pid is that it is
possible that the process will exit, pid wrap around will occur.
Converting to a struct pid avoid that problem, and paves the way for
implementing a pid namespace.
Also since usb is the only user of kill_proc_info_as_uid rename
kill_proc_info_as_uid to kill_pid_info_as_uid and have the new version take
a struct pid.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Acked-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
The patch removes unneeded casts for the following (void *) pointers:
- struct file: private
- struct urb: context
- struct usb_bus: hcpriv
- return value of kmalloc()
The patch also contains some whitespace cleanup in the relevant areas.
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as741) makes the non-hub parts of usbcore actually use the
autosuspend facilities added by an earlier patch.
Devices opened through usbfs are autoresumed and then
autosuspended upon close.
Likewise for usb-skeleton.
Devices are autoresumed for usb_set_configuration.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Making structs const prevents accidental bugs and with the proper debug
options they're protected against corruption.
Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as711b) is a revised version of an earlier submission. It
modifies the usbfs code to detect when a device has been unregistered from
usbfs, even if the device is still connected. Although this can't happen
now, it will be able to happen after the upcoming changes to usb_generic.
Nobody objected to this patch when it was submitted before, so it should
be okay to apply this version. The revision is merely to take into
account the changes introduced by as723, which touches the same driver.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The usbfs code doesn't provide sufficient mutual exclusion among open,
release, and remove. Release vs. remove is okay because they both
acquire the device lock, but open is not exclusive with either one. All
three routines modify the udev->filelist linked list, so they must not
run concurrently.
Apparently someone gave this a minimum amount of thought in the past by
explicitly acquiring the BKL at the start of the usbdev_open routine.
Oddly enough, there's a comment pointing out that locking is unnecessary
because chrdev_open already has acquired the BKL.
But this ignores the point that the files in /proc/bus/usb/* are not
char device files; they are regular files and so they don't get any
special locking. Furthermore it's necessary to acquire the same lock in
the release and remove routines, which the code does not do.
Yet another problem arises because the same file_operations structure is
accessible through both the /proc/bus/usb/* and /dev/usb/usbdev* file
nodes. Even when one of them has been removed, it's still possible for
userspace to open the other. So simple locking around the individual
remove routines is insufficient; we need to lock the entire
usb_notify_remove_device notifier chain.
Rather than rely on the BKL, this patch (as723) introduces a new private
mutex for the purpose. Holding the BKL while invoking a notifier chain
doesn't seem like a good idea.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The following patches reduce the size of the VFS inode structure by 28 bytes
on a UP x86. (It would be more on an x86_64 system). This is a 10% reduction
in the inode size on a UP kernel that is configured in a production mode
(i.e., with no spinlock or other debugging functions enabled; if you want to
save memory taken up by in-core inodes, the first thing you should do is
disable the debugging options; they are responsible for a huge amount of bloat
in the VFS inode structure).
This patch:
The filesystem or device-specific pointer in the inode is inside a union,
which is pretty pointless given that all 30+ users of this field have been
using the void pointer. Get rid of the union and rename it to i_private, with
a comment to explain who is allowed to use the void pointer. This is just a
cleanup, but it allows us to reuse the union 'u' for something something where
the union will actually be used.
[judith@osdl.org: powerpc build fix]
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Signed-off-by: Judith Lebzelter <judith@osdl.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This reverts c182274ffe commit because it
required a newer version of udev to work properly than what is currently
documented in Documentation/Changes.
Cc: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch updates the USB core to save and pass the sending task secid when
sending signals upon AIO completion so that proper security checking can be
applied by security modules.
Signed-off-by: David Quigley <dpquigl@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This reverts commit 786dc1d3d7.
As Al so eloquently points out, the patch is crap. The old code was fine,
the new code was bogus.
It never dereferenced a user pointer, the "->" operator was to an array
member, which gives the _address_ of the member (in user space), not an
actual dereference at all.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This moves the usb class devices that control the usbfs nodes to show up
in the proper place in the larger device tree.
No userspace changes is needed, this is compatible due to the symlinks
generated by the driver core.
Cc: Kay Sievers <kay.sievers@vrfy.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
See http://bugzilla.kernel.org/show_bug.cgi?id=6617.
This function dereference a __user pointer.
Signed-off-by: Philippe Retornaz <couriousous@mandriva.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as699) adds usb_reset_composite_device(), a routine for
sending a USB port reset to a device with multiple interfaces owned by
different drivers. Drivers are notified about impending and completed
resets through two new methods in the usb_driver structure.
The patch modifieds the usbfs ioctl code to make it use the new routine
instead of usb_reset_device(). Follow-up patches will modify the hub,
usb-storage, and usbhid drivers so they can utilize this new API.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch increases an arbitrary limit on the size of
individual isochronous packets submitted via usbfs. The
limit is still arbitrary, but it's now large enough to
support the maximum packet size used by high-bandwidth
isochronous transfers.
Signed-off-by: Micah Dowty <micah@vmware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch removes the artificial 4088-byte limit that usbfs
currently places on Control transfers. The USB spec does not
specify a strict limit on the size of an entire control transfer.
It does, however, state that the data stage "follows the same
protocol rules as bulk transfers." (USB 2, 8.5.3)
The level of support for large control transfers in real host
controllers varies, but it's important to support at least 4K
transfers. Windows enforces a maximum control transfer size
of 4K, so there exists some hardware that requires a full 4096
byte data stage. Without this patch, we fall short of that by
8 bytes on architectures with a 4K page size, and it becomes
impossible to support such hardware with a user-space driver.
Since any limit placed on control transfers by usbfs would be
arbitrary, this patch replaces the PAGE_SIZE limit with the same
arbitrary limit used by bulk transfers.
Signed-off-by: Micah Dowty <micah@vmware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
check_ctrlrecip() disallows any control transfers if the device is
deconfigured (in configuration 0, ie. state ADDRESS). This for example
makes it impossible to read the device descriptors without configuring the
device, although most standard device requests are allowed in this state by
the spec. This patch allows control transfers for the ADDRESS state, too.
Signed-off-by: Horst Schirmeier <horst@schirmeier.com>
Cc: Alan Stern <stern@rowland.harvard.edu>
Cc: David Brownell <david-b@pacbell.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
drivers/usb/core/devio.c: In function `usbdev_read':
drivers/usb/core/devio.c:140: error: invalid type argument of `->'
drivers/usb/core/devio.c:141: error: invalid type argument of `->'
drivers/usb/core/devio.c:142: error: invalid type argument of `->'
drivers/usb/core/devio.c:143: error: invalid type argument of `->'
Cc: Oliver Neukum <oliver@neukum.org>
Cc: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
this is a small optimisation. It is ridiculous to do a kmalloc for
18 bytes. This puts it onto the stack.
Signed-off-by: Oliver Neukum <oliver@neukum.name>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as605) removes the private udev->serialize semaphore,
relying instead on the locking provided by the embedded struct device's
semaphore. The changes are confined to the core, except that the
usb_trylock_device routine now uses the return convention of
down_trylock rather than down_read_trylock (they return opposite values
for no good reason).
A couple of other associated changes are included as well:
Now that we aren't concerned about HCDs that avoid using the
hcd glue layer, usb_disconnect no longer needs to acquire the
usb_bus_lock -- that can be done by usb_remove_hcd where it
belongs.
Devices aren't locked over the same scope of code in
usb_new_device and hub_port_connect_change as they used to be.
This shouldn't cause any trouble.
Along with the preceding driver core patch, this needs a lot of testing.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
drivers/usb/core/devio.c: In function `proc_ioctl_compat':
drivers/usb/core/devio.c:1401: warning: passing arg 1 of `compat_ptr' makes integer from pointer without a cast
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
drivers/usb/core/devio.c: In function `proc_ioctl_compat':
drivers/usb/core/devio.c:1401: warning: passing arg 1 of `compat_ptr' makes integer from pointer without a cast
NFI if this is correct...
Cc: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch (as590) fixes up all the remaining places where usbcore can
use kzalloc rather than kmalloc/memset.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
The previous patch adding the ability to nest struct class_device
changed the paramaters to the call class_device_create(). This patch
fixes up all in-kernel users of the function.
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
All the same issues - we can't just save the pointer to the thread, we
must save the pid/uid/euid combination.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
If a process issues an URB from userspace and (starts to) terminate
before the URB comes back, we run into the issue described above. This
is because the urb saves a pointer to "current" when it is posted to the
device, but there's no guarantee that this pointer is still valid
afterwards.
In fact, there are three separate issues:
1) the pointer to "current" can become invalid, since the task could be
completely gone when the URB completion comes back from the device.
2) Even if the saved task pointer is still pointing to a valid task_struct,
task_struct->sighand could have gone meanwhile.
3) Even if the process is perfectly fine, permissions may have changed,
and we can no longer send it a signal.
So what we do instead, is to save the PID and uid's of the process, and
introduce a new kill_proc_info_as_uid() function.
Signed-off-by: Harald Welte <laforge@gnumonks.org>
[ Fixed up types and added symbol exports ]
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch (as554) makes the hub driver disconnect any child USB devices
when it is unbound from a hub. Normally this will never happen, but
there are a few oddball ways to unbind the hub driver while leaving the
children intact. For example, the new "unbind" sysfs attribute can be
used for this purpose.
Given that unbinding hubs with children is now safe, the patch also
removes the code that prevented people from doing so using usbfs.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch (as551) fixes another little problem recently added to the
USB core. Someone didn't fix the type of the first argument to
unregister_chrdev_region.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch introduces a /sys/class/usb_device/ class
where every connected usb-device will show up:
tree /sys/class/usb_device/
/sys/class/usb_device/
|-- usb1.1
| |-- dev
| `-- device -> ../../../devices/pci0000:00/0000:00:1d.0/usb1
|-- usb2.1
| |-- dev
| `-- device -> ../../../devices/pci0000:00/0000:00:1d.1/usb2
...
The presence of the "dev" file lets udev create real device nodes.
kay@pim:~/src/linux-2.6> tree /dev/bus/usb/
/dev/bus/usb/
|-- 1
| `-- 1
|-- 2
| `-- 1
...
udev rule:
SUBSYSTEM="usb_device", PROGRAM="/sbin/usb_device %k", NAME="%c"
(echo $1 | /bin/sed 's/usb\([0-9]*\)\.\([0-9]*\)/bus\/usb\/\1\/\2/')
This makes libusb pick up the real nodes instead of the mounted usbfs:
export USB_DEVFS_PATH=/dev/bus/usb
Background:
All this makes it possible to manage usb devices with udev instead of
the devfs solution. We are currently working on a pam_console/resmgr
replacement driven by udev and a pam-helper. It applies ACL's to device
nodes, which is required for modern desktop functionalty like
"Fast User Switching" or multiple local login support.
New patch with its own major. I've succesfully disabled usbfs and use real
nodes only on my box. With: "export USB_DEVFS_PATH=/dev/bus/usb" libusb picks
up the udev managed nodes instead of reading usbfs files.
This makes udev to provide symlinks for libusb to pick up:
SUBSYSTEM="usb_device", PROGRAM="/sbin/usbdevice %k", SYMLINK="%c"
/sbin/usbdevice:
#!/bin/sh
echo $1 | /bin/sed 's/usbdev\([0-9]*\)\.\([0-9]*\)/bus\/usb\/\1\/\2/'
Signed-off-by: Kay Sievers <kay.sievers@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This patch fixes an information leak in the usbfs snoop facility:
uninitialized data from __get_free_page can be returned to userspace and
written to the system log. It also improves the snoop output by printing
the wLength value.
Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
This patch turns a user mode driver error into a hard error, and updates
the relevant diagnostic slightly to help troubleshooting. gphoto was
known to have this problem, hopefully it is now fixed (they have had
plenty of warning...)
This had been left as a soft error to give various user mode drivers a
change to be properly fixed, with the statement that starting in about
2.6.10 it would be changed. It had been mostly safe as a soft error ...
but that can not be guaranteed. Now that a year has passed, it's time to
really insist that the user mode drivers finally fix their relevant bugs.
Signed-off-by: David Brownell <dbrownell@users.sourceforge.net>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Checking for NULL before calling kfree() is redundant. This patch removes
these redundant checks and also makes a few tiny whitespace changes.
Signed-off-by: Jesper Juhl <juhl-lkml@dif.dk>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
I am sorry that the last patch about 32 bit compat ioctl on
64 bit kernel actually breaks the usbdevfs. That is on the current
BK tree. I am retarded.
Here is the patch to fix it. Tested with USB hard disk and webcam
in both 32bit compatible mode and native 64bit mode.
Again, sorry about that.
From: Christopher Li <chrisl@vmware.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Initial git repository build. I'm not bothering with the full history,
even though we have it. We can create a separate "historical" git
archive of that later if we want to, and in the meantime it's about
3.2GB when imported into git - space that would just make the early
git days unnecessarily complicated, when we don't have a lot of good
infrastructure for it.
Let it rip!