linux/drivers/usb/chipidea
Clemens Gruber 6f3c4fb6d0 usb: chipidea: udc: fix NULL ptr dereference in isr_setup_status_phase
Problems with the signal integrity of the high speed USB data lines or
noise on reference ground lines can cause the i.MX6 USB controller to
violate USB specs and exhibit unexpected behavior.

It was observed that USBi_UI interrupts were triggered first and when
isr_setup_status_phase was called, ci->status was NULL, which lead to a
NULL pointer dereference kernel panic.

This patch fixes the kernel panic, emits a warning once and returns
-EPIPE to halt the device and let the host get stalled.
It also adds a comment to point people, who are experiencing this issue,
to their USB hardware design.

Cc: <stable@vger.kernel.org> #4.1+
Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
Signed-off-by: Peter Chen <peter.chen@nxp.com>
2016-09-09 17:19:57 +08:00
..
Kconfig usb: chipidea: Kconfig: improve Kconfig help text 2016-06-21 10:48:30 +08:00
Makefile usb: chipidea: delete static debug support 2015-12-24 14:15:26 +08:00
bits.h usb: chipidea: add tx/rx burst size configuration interface 2015-08-14 10:03:58 +08:00
ci.h usb: chipidea: support debugfs without CONFIG_USB_CHIPIDEA_DEBUG 2015-12-24 14:15:26 +08:00
ci_hdrc_imx.c usb: chipidea: imx: delete the redundant setting default DMA mask code 2016-04-06 17:14:38 +08:00
ci_hdrc_imx.h usb: chipidea: usbmisc_imx: add .set_wakeup interface 2015-03-18 16:19:09 +01:00
ci_hdrc_msm.c usb: chipidea: msm: Use posted data writes on AHB 2015-12-01 14:57:12 -08:00
ci_hdrc_pci.c usb: chipidea: fix return value check in ci_hdrc_pci_probe() 2016-02-19 14:13:44 +08:00
ci_hdrc_usb2.c usb: chipidea: add xilinx zynq platform data 2015-09-15 16:08:49 +08:00
ci_hdrc_zevio.c Chipidea: TI-NSPIRE USB OTG hardware does not support high speed and must connect at full speed 2015-03-18 16:19:11 +01:00
core.c usb: chipidea: add system interface for ttctrl.ttha 2016-02-29 13:37:51 +08:00
debug.c chipidea: error on overflow for port_test_write 2016-02-20 20:15:57 -08:00
host.c usb: chipidea: host: set host to be null after hcd is freed 2015-12-24 14:17:58 +08:00
host.h usb: chipidea: ehci_init_driver is intended to call one time 2015-07-22 08:03:41 +08:00
otg.c usb: chipidea: otg: change workqueue ci_otg as freezable 2016-02-25 09:33:29 +08:00
otg.h usb: chipidea: using one inline function to cover queue work operations 2014-05-23 11:35:02 +09:00
otg_fsm.c usb: chipidea: otg: add A idle to B disconnect timer 2016-03-04 15:14:38 +02:00
otg_fsm.h usb: chipidea: otg: add A idle to B disconnect timer 2016-03-04 15:14:38 +02:00
udc.c usb: chipidea: udc: fix NULL ptr dereference in isr_setup_status_phase 2016-09-09 17:19:57 +08:00
udc.h usb: chipidea: add role init and destroy APIs 2013-08-14 12:37:19 -07:00
usbmisc_imx.c usb: chipidea: usbmisc_imx: fix a possible NULL dereference 2015-11-18 15:27:12 +08:00