github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-10 23:53:52 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
0eff1c7516
linux/drivers
History
Alan Stern 0eff1c7516 USB: EHCI: fix obscure race in ehci_endpoint_disable 
commit 02e2c51ba3 upstream.

This patch (as1435) fixes an obscure and unlikely race in ehci-hcd.
When an async URB is unlinked, the corresponding QH is removed from
the async list.  If the QH's endpoint is then disabled while the URB
is being given back, ehci_endpoint_disable() won't find the QH on the
async list, causing it to believe that the QH has been lost.  This
will lead to a memory leak at best and quite possibly to an oops.

The solution is to trust usbcore not to lose track of endpoints.  If
the QH isn't on the async list then it doesn't need to be taken off
the list, but the driver should still wait for the QH to become IDLE
before disabling it.

In theory this fixes Bugzilla #20182.  In fact the race is so rare
that it's not possible to tell whether the bug is still present.
However, adding delays and making other changes to force the race
seems to show that the patch works.

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Reported-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
CC: David Brownell <david-b@pacbell.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2010-12-09 13:33:07 -08:00
..
accessibility
acpi Merge branch 'msi-dmi' into release 2010-10-08 22:37:46 -04:00
amba ARM: AMBA: Add pclk support to AMBA bus infrastructure 2010-07-31 13:07:27 +01:00
ata libata: fix NULL sdev dereference race in atapi_qc_complete() 2010-12-09 13:32:59 -08:00
atm ATM: iphase, remove sleep-inside-atomic 2010-10-11 11:05:42 -07:00
auxdisplay
base PM: Prevent waiting forever on asynchronous resume after failing suspend 2010-09-09 00:49:43 +02:00
block ps3disk: passing wrong variable to bvec_kunmap_irq() 2010-10-12 18:56:33 +02:00
bluetooth bluetooth: Fix missing NULL check 2010-11-22 11:03:01 -08:00
cdrom block: push down BKL into .open and .release 2010-08-07 18:25:34 +02:00
char intel-gtt: fix gtt_total_entries detection 2010-12-09 13:32:58 -08:00
clocksource x86: Convert common clocksources to use clocksource_register_hz/khz 2010-07-27 12:40:55 +02:00
connector
cpufreq [CPUFREQ] fix brace coding style issue. 2010-08-03 13:47:05 -04:00
cpuidle cpuidle: Fix typos 2010-09-28 23:30:38 -04:00
crypto [S390] zcrypt: fix Kconfig dependencies 2010-08-13 10:06:54 +02:00
dca dca: disable dca on IOAT ver.3.0 multiple-IOH platforms 2010-09-17 20:08:21 -07:00
dio
dma ioat2: fix performance regression 2010-10-13 15:43:10 -07:00
edac i7core_edac: fix panic in udimm sysfs attributes registration 2010-10-01 10:50:58 -07:00
eisa
firewire firewire: ohci: fix race in AR split packet handling 2010-12-09 13:32:47 -08:00
firmware Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6 2010-08-14 12:34:34 -07:00
gpio gpio: sx150x: correct and refine reset-on-probe behavior 2010-09-09 18:57:24 -07:00
gpu i915: reprogram power monitoring registers on resume 2010-12-09 13:32:58 -08:00
hid HID: Fix for problems with eGalax/DWAV multi-touch-screen 2010-12-09 13:32:42 -08:00
hwmon hwmon: (lm85) Fix ADT7468 frequency table 2010-12-09 13:32:33 -08:00
i2c i2c-pca-platform: Change device name of request_irq 2010-12-09 13:32:14 -08:00
ide Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/ide-2.6 2010-09-19 11:06:34 -07:00
idle intel_idle: do not use the LAPIC timer for ATOM C2 2010-11-22 11:03:03 -08:00
ieee1394 ieee1394: Adjust confusing if indentation 2010-08-05 23:26:30 +02:00
ieee802154
infiniband RDMA/cxgb3: Turn off RX coalescing for iWARP connections 2010-09-27 09:28:55 -07:00
input Input: evdev - fix EVIOCSABS regression 2010-10-18 08:45:08 -07:00
isdn isdn/gigaset: bas_gigaset locking fix 2010-12-09 13:32:14 -08:00
leds leds: leds-ns2: fix locking 2010-09-19 22:43:42 -04:00
lguest
macintosh via-pmu: Add compat_pmu_ioctl 2010-08-24 15:28:28 +10:00
mca
md md: fix return value of rdev_size_change() 2010-12-09 13:32:40 -08:00
media drivers/media/video/cx23885/cx23885-core.c: fix cx23885_dev_checkrevision() 2010-12-09 13:32:44 -08:00
memstick memstick: fix hangs on unexpected device removal in mspro_blk 2010-08-12 08:43:31 -07:00
message fusion: add function parameter names to kernel-doc 2010-08-14 16:21:00 -07:00
mfd mfd: Fix max8925 irq control bit incorrect setting 2010-09-29 10:14:53 +02:00
misc sgi-xpc: XPC fails to discover partitions with all nasids above 128 2010-12-09 13:32:36 -08:00
mmc mmc: sdio: fix SDIO suspend/resume regression 2010-10-15 12:54:55 -04:00
mtd mxc_nand: do not depend on disabling the irq in the interrupt handler 2010-10-18 13:09:05 -07:00
net usbnet: fix usb_autopm_get_interface failure(v1) 2010-12-09 13:32:42 -08:00
nubus
of of/device: Replace struct of_device with struct platform_device 2010-08-06 09:25:50 -06:00
oprofile oprofile: Fix the hang while taking the cpu offline 2010-12-09 13:32:33 -08:00
parisc Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2010-08-04 15:31:02 -07:00
parport Merge branch 'next-devicetree' of git://git.secretlab.ca/git/linux-2.6 2010-08-12 09:11:31 -07:00
pci PCI: fix offset check for sysfs mmapped files 2010-12-09 13:33:00 -08:00
pcmcia pcmcia: pd6729: Fix error path 2010-09-26 15:54:25 +02:00
platform asus-laptop: fix gps rfkill 2010-11-22 11:03:15 -08:00
pnp
power olpc_battery: Fix endian neutral breakage for s16 values 2010-12-09 13:32:30 -08:00
pps
ps3
rapidio
regulator Merge branch 'i2c-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jdelvare/staging 2010-10-07 13:44:30 -07:00
rtc i2c: Remove obsolete cleanup for clientdata 2010-09-30 14:14:22 +02:00
s390 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6 2010-09-28 12:01:26 -07:00
sbus of/device: Replace struct of_device with struct platform_device 2010-08-06 09:25:50 -06:00
scsi Fix regressions in scsi_internal_device_block 2010-11-22 11:03:17 -08:00
serial SERIAL: ioc3_serial: Return -ENOMEM on memory allocation failure 2010-10-19 18:32:40 +01:00
sfi
sh sh: add a reparent function to DIV6 clocks 2010-08-04 16:12:01 +09:00
sn
spi of/spi: Fix OF-style driver binding of spi devices 2010-10-02 21:28:29 -06:00
ssb ssb: b43-pci-bridge: Add new vendor for BCM4318 2010-12-09 13:32:36 -08:00
staging Staging: rt2870: Add USB ID for Buffalo Airstation WLI-UC-GN 2010-12-09 13:33:06 -08:00
tc
telephony pcmcia: do not use io_req_t when calling pcmcia_request_io() 2010-08-03 09:04:11 +02:00
thermal
uio uio: Remove IRQF_DISABLED flag from uio_cif.c 2010-08-05 13:53:33 -07:00
usb USB: EHCI: fix obscure race in ehci_endpoint_disable 2010-12-09 13:33:07 -08:00
uwb
vhost vhost: fix log ctx signalling 2010-09-22 16:21:33 +02:00
video viafb: use proper register for colour when doing fill ops 2010-12-09 13:32:38 -08:00
virtio virtio: fix oops on OOM 2010-07-26 08:05:31 -07:00
vlynq
w1
watchdog watchdog: Enable NXP LPC32XX support in Kconfig (resend) 2010-09-15 18:43:58 +00:00
xen xen: ensure that all event channels start off bound to VCPU 0 2010-12-09 13:32:37 -08:00
zorro zorro: Fix reading of proc/bus/zorro/* in small chunks 2010-08-09 21:14:08 +02:00
Kconfig
Makefile Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394-2.6 2010-09-17 10:23:08 -07:00