linux/drivers/usb/core
Guenter Roeck 7b2db29fbb usb: hub: Fix crash after failure to read BOS descriptor
If usb_get_bos_descriptor() returns an error, usb->bos will be NULL.
Nevertheless, it is dereferenced unconditionally in
hub_set_initial_usb2_lpm_policy() if usb2_hw_lpm_capable is set.
This results in a crash.

usb 5-1: unable to get BOS descriptor
...
Unable to handle kernel NULL pointer dereference at virtual address 00000008
pgd = ffffffc00165f000
[00000008] *pgd=000000000174f003, *pud=000000000174f003,
		*pmd=0000000001750003, *pte=00e8000001751713
Internal error: Oops: 96000005 [#1] PREEMPT SMP
Modules linked in: uinput uvcvideo videobuf2_vmalloc cmac [ ... ]
CPU: 5 PID: 3353 Comm: kworker/5:3 Tainted: G    B 4.4.52 #480
Hardware name: Google Kevin (DT)
Workqueue: events driver_set_config_work
task: ffffffc0c3690000 ti: ffffffc0ae9a8000 task.ti: ffffffc0ae9a8000
PC is at hub_port_init+0xc3c/0xd10
LR is at hub_port_init+0xc3c/0xd10
...
Call trace:
[<ffffffc0007fbbfc>] hub_port_init+0xc3c/0xd10
[<ffffffc0007fbe2c>] usb_reset_and_verify_device+0x15c/0x82c
[<ffffffc0007fc5e0>] usb_reset_device+0xe4/0x298
[<ffffffbffc0e3fcc>] rtl8152_probe+0x84/0x9b0 [r8152]
[<ffffffc00080ca8c>] usb_probe_interface+0x244/0x2f8
[<ffffffc000774a24>] driver_probe_device+0x180/0x3b4
[<ffffffc000774e48>] __device_attach_driver+0xb4/0xe0
[<ffffffc000772168>] bus_for_each_drv+0xb4/0xe4
[<ffffffc0007747ec>] __device_attach+0xd0/0x158
[<ffffffc000775080>] device_initial_probe+0x24/0x30
[<ffffffc0007739d4>] bus_probe_device+0x50/0xe4
[<ffffffc000770bd0>] device_add+0x414/0x738
[<ffffffc000809fe8>] usb_set_configuration+0x89c/0x914
[<ffffffc00080a120>] driver_set_config_work+0xc0/0xf0
[<ffffffc000249bb8>] process_one_work+0x390/0x6b8
[<ffffffc00024abcc>] worker_thread+0x480/0x610
[<ffffffc000251a80>] kthread+0x164/0x178
[<ffffffc0002045d0>] ret_from_fork+0x10/0x40

Since we don't know anything about LPM capabilities without BOS descriptor,
don't attempt to enable LPM if it is not available.

Fixes: 890dae8867 ("xhci: Enable LPM support only for hardwired ...")
Cc: stable <stable@vger.kernel.org>
Cc: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Acked-by: Mathias Nyman <mathias.nyman@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-03-17 13:36:58 +09:00
..
buffer.c USB: core: add missing license information to some files 2016-10-29 12:51:56 -04:00
config.c usb-core: Add LINEAR_FRAME_INTR_BINTERVAL USB quirk 2017-03-14 17:07:31 +08:00
devices.c usb: core: devices: remove unnecessary & operation 2016-11-03 10:38:23 +02:00
devio.c sched/headers: Prepare for new header dependencies before moving code to <linux/sched/signal.h> 2017-03-02 08:42:29 +01:00
driver.c USB: core: add missing license information to some files 2016-10-29 12:51:56 -04:00
endpoint.c usb: patches for v4.10 merge window 2016-11-18 16:02:15 +01:00
file.c USB: core: add missing license information to some files 2016-10-29 12:51:56 -04:00
generic.c USB: core: add missing license information to some files 2016-10-29 12:51:56 -04:00
hcd-pci.c usb: hcd: out of bounds access in for_each_companion 2016-04-13 12:06:18 -07:00
hcd.c usb: hcd: initialize hcd->flags to 0 when rm hcd 2017-01-19 10:34:41 +01:00
hub.c usb: hub: Fix crash after failure to read BOS descriptor 2017-03-17 13:36:58 +09:00
hub.h
Kconfig usb: core: Introduce a USB port LED trigger 2016-09-27 12:20:17 +02:00
ledtrig-usbport.c usb: core: usbport: Use proper LED API to fix potential crash 2016-12-06 08:37:41 +01:00
Makefile usb: core: Introduce a USB port LED trigger 2016-09-27 12:20:17 +02:00
message.c usb: core: update comments for send message functions 2017-01-19 10:34:40 +01:00
notify.c USB: core: add missing license information to some files 2016-10-29 12:51:56 -04:00
of.c usb: core: of.c: fix defined but not declare warning 2016-08-09 16:16:13 +02:00
otg_whitelist.h usb: core: use IS_ENABLED() instead of checking for built-in or module 2016-09-02 14:36:33 +02:00
port.c Revert "USB / PM: Allow USB devices to remain runtime-suspended when sleeping" 2016-05-02 08:44:31 -07:00
quirks.c usb-core: Add LINEAR_FRAME_INTR_BINTERVAL USB quirk 2017-03-14 17:07:31 +08:00
sysfs.c USB: core: add missing license information to some files 2016-10-29 12:51:56 -04:00
urb.c usb: patches for v4.10 merge window 2016-11-18 16:02:15 +01:00
usb-acpi.c
usb.c USB: core: add missing license information to some files 2016-10-29 12:51:56 -04:00
usb.h USB: core: add missing license information to some files 2016-10-29 12:51:56 -04:00