Граф коммитов

59 Коммитов

Автор SHA1 Сообщение Дата
Oliver Neukum a1cd7e99b3 USB: stop io performed by mos7720 upon close()
This fixes a problem where the mos7720 driver will make io to a device from
which it has been logically disconnected. It does so by introducing a flag by
which the generic usb serial code can signal the subdrivers their
disconnection and appropriate locking.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-02-01 14:35:03 -08:00
Sarah Sharp f0fbd5b9ba USB: Prepare serial core for autosuspend.
Claim the interface for a USB to serial converter when the tty is open,
and release the interface when the tty is closed.

If a driver doesn't provide a resume function, use the generic resume
instead.

Make sure the generic resume function does not submit the URBs if we're
coming back from autosuspend.  On autoresume, we know that the open
function will be called next, which will attempt to submit the URBs.  If
we submit them in the resume function, the open will fail.

This works for:
 - autosuspend
 - suspending with the tty open or closed
 - hibernate with the tty closed

A hibernate (or a suspend that causes the USB subsystem to lose power)
has issues.  If you have the tty open when you hibernate, a new tty will
be created when the device re-enumerates during resume.

Signed-off-by: Sarah Sharp <sarah.a.sharp@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-02-01 14:34:51 -08:00
Aristeu Rozanski 9a6b1efa6f USB: usb_serial: clean tty reference in the last close
When a usb serial adapter is used as console, the usb serial console
driver bumps the open_count on the port struct used but doesn't attach
a real tty to it (only a fake one temporaly). If this port is opened later
using the regular character device interface, the open method won't
initialize the port, which is the expected, and will receive a brand new
tty struct created by tty layer, which will be stored in port->tty.

When the last close is issued, open_count won't be 0 because of the
console usage and the port->tty will still contain the old tty value. This
is the last ttyUSB<n> close so the allocated tty will be freed by the
tty layer. The usb_serial and usb_serial_port are still in use by the
console, so port_free() won't be called (serial_close() ->
usb_serial_put() -> destroy_serial() -> port_free()), so the scheduled
work (port->work, usb_serial_port_work()) will still run. And
usb_serial_port_work() does:
(...)
        tty = port->tty;
        if (!tty)
                return;

        tty_wakeup(tty);
which causes (manually copied):

Faulting instruction address: 0x6b6b6b68
Oops: Kernel access of bad area, sig: 11 [#1]
PREEMPT PowerMac
Modules linked in: binfmt_misc ipv6 nfs lockd nfs_acl sunrpc dm_snapshot dm_mirror dm_mod hfsplus uinput ams input_polldev genrtc cpufreq_powersave i2c_powermac therm_adt746x snd_aoa_codec_tas snd_aoa_fabric_layout snd_aoa joydev snd_aoa_i2sbus snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_page_alloc pmac_zilog serial_core evdev ide_cd cdrom snd appletouch soundcore snd_aoa_soundbus bcm43xx firmware_class usbhid ieee80211softmac ff_memless firewire_ohci firewire_core ieee80211 ieee80211_crypt crc_itu_t sungem sungem_phy uninorth_agp agpart ssb
NIP: 6b6b6b68 LR: c01b2108 CTR: 6b6b6b6b
REGS: c106de80 TRAP: 0400   Not tainted  (2.6.24-rc2)
MSR: 40009032 <EE,ME,IR,DR>  CR: 82004024  XER: 00000000
TASK = c106b4c0[5] 'events/0' THREAD: c106c000
GPR00: 6b6b6b6b c106df30 c106b4c0 c2d613a0 00009032 00000001 00001a00 00000001
GPR08: 00000008 00000000 00000000 c106c000 42004028 00000000 016ffbe0 0171a724
GPR16: 016ffcf4 00240e24 00240e70 016fee68 016ff9a4 c03046c4 c0327f50 c03046fc
GPR24: c106b6b9 c106b4c0 c101d610 c106c000 c02160fc c1eac1dc c2d613ac c2d613a0
NIP [6b6b6b68] 0x6b6b6b68
LR [c01b2108] tty_wakeup+0x6c/0x9c
Call Trace:
[c106df30] [c01b20e8] tty_wakeup+0x4c/0x9c (unreliable)
[c106df40] [c0216138] usb_serial_port_work+0x3c/0x78
[c106df50] [c00432e8] run_workqueue+0xc4/0x15c
[c106df90] [c0043798] worker_thread+0xa0/0x124
[c106dfd0] [c0048224] kthread+0x48/0x84
[c106dff0] [c00129bc] kernel_thread+0x44/0x60
Instruction dump:
XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX XXXXXXXX
Slab corruption: size-2048 start=c2d613a0, len=2048
Redzone: 0x9f911029d74e35b/0x9f911029d74e35b.
Last user: [<c01b16d8>](release_one_tty+0xbc/0xf4)
050: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
Prev obj: start=c2d60b88, len=2048
Redzone: 0x9f911029d74e35b/0x9f911029d74e35b.
Last user: [<c00f30ec>](show_stat+0x410/0x428)
000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b

This patch avoids this, clearing port->tty considering if the port is
used as serial console or not

Signed-off-by: Aristeu Rozanski <arozansk@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2008-02-01 14:34:50 -08:00
Sarah Sharp 8abaee238e USB: usb_serial_resume bug fix
Avoid potential null pointer dereference.

Signed-off-by: Sarah Sharp <sarah.a.sharp@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-10-25 12:18:45 -07:00
Alan Cox 337850917a usb-serial: handle NULL termios methods as "no hardware changing support"
Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-10-25 12:18:42 -07:00
Alan Stern 063a2da8f0 USB: serial core should respect driver requirements
This patch (as997) fixes a bug in the USB serial core.  The core needs
to pay attention to drivers' requirements regarding the number and
type of endpoints a device has.

At the same time, the patch changes the NUM_DONT_CARE constant (which
is stored in a single-byte field) from -1 to a safer, unsigned value.
It also improves the kerneldoc for several fields in the
usb_serial_driver structure.

Finally, the patch replaces a list_for_each() with list_for_each_entry().

Signed-off-by: Alan Stern <stern@rowland.harvard.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-10-12 14:55:34 -07:00
Oliver Neukum 5adceac5da USB: fix errornous assumption in the usb serial framework revealed by iuu_phoenix
the iuu_phoenix driver submits another URB from a completion handler.
This dictates a certain order of calls to usb_kill_urb() in kill_traffic().
As other drivers may do it the other way round, we need to use both
orders in kill_traffic().
This patch does so and should be merged before iuu_phoenix is merged.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-10-12 14:55:25 -07:00
Oliver Neukum 3ddad8232c USB: fix BUG: sleeping function called from invalid context at /home/jeremy/hg/xen/paravirt/linux/drivers/usb/core/urb.c:524, in_atomic():1, irqs_disabled():0
Clearly there's a bug in
drivers/usb/serial/usb-serial.c:usb_serial_put().  It shouldn't call
kref_put() while holding a spinlock.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-07-30 13:27:46 -07:00
Oliver Neukum e31c18804f USB: fix usb_serial_suspend(): buggy code
Am Montag 23 Juli 2007 schrieb Adrian Bunk:
> Commit ec22559e0b added the following 
> function to drivers/usb/serial/usb-serial.c:
> 
[..]
> 
> The Coverity checker spotted the inconsequent NULL checking for "serial".
> 
> Looking at the code it also doesn't seem to have been intended to always 
> return 0.

Coverity is right. The check for NULL is wrongly done and the error
return is lost.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-07-30 13:27:45 -07:00
Benny Halevy 52f6b5e1f1 synchronization in usb_serial_put
I think there is a race between usb_serial_put() and
usb_serial_get_by_index() (and get_free_serial()) with regards
to handling the serial port refcount.

usb_serial_get_by_index() gets a reference on the serial port under
table_lock while return_serial releases all the returned ports
from the table under the same lock.  However, the table_lock is not
taken around the call to kref_put, theoretically allowing to sneak
in and grab a reference after kref_put has already determined that
the reference count is zero (and before calling destroy_serial)
causing use after free.

Signed-off-by: Benny Halevy <bhalevy@ns1.bhalevy.com>
Cc: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-07-12 16:34:31 -07:00
Oliver Neukum ec22559e0b USB: suspend support for usb serial
this implements generic support for suspend/resume for usb serial.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-07-12 16:29:44 -07:00
Randy Dunlap e63340ae6b header cleaning: don't include smp_lock.h when not used
Remove includes of <linux/smp_lock.h> where it is not used/needed.
Suggested by Al Viro.

Builds cleanly on x86_64, i386, alpha, ia64, powerpc, sparc,
sparc64, and arm (all 59 defconfigs).

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-08 11:15:07 -07:00
Jim Radford 521b85ae66 USB: fix usb-serial regression
This patch reverts d9a7ecacac since it
breaks drivers that need to access the ->port[] array in shutdown
(most of them).

Signed-Off: Jim Radford <radford@blackbean.org>
Acked-by: Mark Lord <mlord@pobox.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-19 13:22:18 -07:00
Oliver Neukum a1f721c812 USB: further fix for usb-serial
this is a fix for the outstanding usb-serial issues.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-09 19:52:24 -08:00
Oliver Neukum c744f99eb6 USB: fix usb-serial device naming bug
Am Montag, 26. Februar 2007 15:16 schrieb Craig Schlenter:
> Hi Greg
> 
> 34ef50e5b1 is definitely
> the source of the problem. Reverting that makes the
> ftdi port show up as ttyUSB0 again for me and it
> can actually be opened.

This patch should fix the issue.

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Craig Schlenter <craig@codefountain.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-09 19:52:24 -08:00
Jim Radford d9a7ecacac usb-serial: fix shutdown / device_unregister order
Ensure that the ->port_remove() callbacks get called before the
->shutdown() callback which makeing the order symmetric with
->attach() being called before ->port_probe().

Signed-off-by: Jim Radford <radford@blackbean.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-03-09 19:52:24 -08:00
Oliver Neukum 3ff4fd94c8 USB: race fixes for usb-serial, step 3
- fix an error code returned if a device has been disconnected

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-02-07 15:44:38 -08:00
Oliver Neukum 4b10f0f3a0 USB: race fixes for usb-serial, step 2
- take BKL before looking up a driver to associate with a device to make
  sure the module is not unloaded after looking up but before association
  & bumping module count

Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-02-07 15:44:38 -08:00
Oliver Neukum 34ef50e5b1 USB: race fixes for usb-serial step 1
- introduce a spinlock for serial_table to eliminate the window between
  looking up a device and getting a reference
- delay inscription of a new device into serial_table until it is fully
  initialised
- make sure disconnect() kills all URBs to avoid leckage across a soft unbind


Signed-off-by: Oliver Neukum <oneukum@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2007-02-07 15:44:38 -08:00
Greg Kroah-Hartman 93bacefc4c USB serial: add dynamic id support to usb-serial core
Thanks to Johannes Hölzl <johannes.hoelzl@gmx.de> for fixing a few
things and getting it all working properly.

This adds support for dynamic usb ids to the usb serial core.  The file
"new_id" will show up under the usb serial driver, not the usb driver
associated with the usb-serial driver (yeah, it can be a bit confusing
at first glance...)

This patch also modifies the USB core to allow the usb-serial core to
reuse much of the dynamic id logic.

Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Johannes Hölzl <johannes.hoelzl@gmx.de>
2007-02-07 15:44:33 -08:00
Alan Cox 606d099cdd [PATCH] tty: switch to ktermios
This is the grungy swap all the occurrences in the right places patch that
goes with the updates.  At this point we have the same functionality as
before (except that sgttyb() returns speeds not zero) and are ready to
begin turning new stuff on providing nobody reports lots of bugs

If you are a tty driver author converting an out of tree driver the only
impact should be termios->ktermios name changes for the speed/property
setting functions from your upper layers.

If you are implementing your own TCGETS function before then your driver
was broken already and its about to get a whole lot more painful for you so
please fix it 8)

Also fill in c_ispeed/ospeed on init for most devices, although the current
code will do this for you anyway but I'd like eventually to lose that extra
paranoia

[akpm@osdl.org: bluetooth fix]
[mp3@de.ibm.com: sclp fix]
[mp3@de.ibm.com: warning fix for tty3270]
[hugh@veritas.com: fix tty_ioctl powerpc build]
[jdike@addtoit.com: uml: fix ->set_termios declaration]
Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Martin Peschke <mp3@de.ibm.com>
Acked-by: Peter Oberparleiter <oberpar@de.ibm.com>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>
Signed-off-by: Hugh Dickins <hugh@veritas.com>
Signed-off-by: Jeff Dike <jdike@addtoit.com>
Cc: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-12-08 08:28:57 -08:00
David Howells 4c1ac1b491 Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6
Conflicts:

	drivers/infiniband/core/iwcm.c
	drivers/net/chelsio/cxgb2.c
	drivers/net/wireless/bcm43xx/bcm43xx_main.c
	drivers/net/wireless/prism54/islpci_eth.c
	drivers/usb/core/hub.h
	drivers/usb/input/hid-core.c
	net/core/netpoll.c

Fix up merge failures with Linus's head and fix new compilation failures.

Signed-Off-By: David Howells <dhowells@redhat.com>
2006-12-05 14:37:56 +00:00
Mariusz Kozlowski 95d4316654 usb: usb-serial free urb cleanup
- usb_free_urb() cleanup

Signed-off-by: Mariusz Kozlowski <m.kozlowski@tuxland.pl>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-12-01 14:23:35 -08:00
David Howells c4028958b6 WorkStruct: make allyesconfig
Fix up for make allyesconfig.

Signed-Off-By: David Howells <dhowells@redhat.com>
2006-11-22 14:57:56 +00:00
Jeff Dike b68e31d0eb [PATCH] const struct tty_operations
As part of an SMP cleanliness pass over UML, I consted a bunch of
structures in order to not have to document their locking.  One of these
structures was a struct tty_operations.  In order to const it in UML
without introducing compiler complaints, the declaration of
tty_set_operations needs to be changed, and then all of its callers need to
be fixed.

This patch declares all struct tty_operations in the tree as const.  In all
cases, they are static and used only as input to tty_set_operations.  As an
extra check, I ran an i386 allyesconfig build which produced no extra
warnings.

53 drivers are affected.  I checked the history of a bunch of them, and in
most cases, there have been only a handful of maintenance changes in the
last six months.  serial_core.c was the busiest one that I looked at.

Signed-off-by: Jeff Dike <jdike@addtoit.com>
Acked-by: Alan Cox <alan@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-02 07:57:14 -07:00
Johannes Steingraeber 8fd8013393 usb serial: support Alcor Micro Corp. USB 2.0 TO RS-232 through pl2303 driver
Patch to add support for Alcor Micro Corp. USB 2.0 TO RS-232 converter.
This patch adds VID and PID to pl2303.[ch], adds it to the "HORRIBLE
HACK FOR PL2303" in usb-serial.c and also prevents cdc-acm to claim
driving this device by blacklisting it in hid-core.

Signed-off-by: Johannes Steingraeber <Jo_Stein@web.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-09-27 11:58:59 -07:00
Greg Kroah-Hartman 13f4db9e1b USB: fix __must_check warnings in drivers/usb/serial/
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-09-27 11:58:58 -07:00
Luiz Fernando N. Capitulino 4fa1bbf5cf USB: usb-serial: Use usb_endpoint_* functions.
Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-09-27 11:58:53 -07:00
Matthias Urlichs 5992583889 usbserial: Reference leak
A sufficiently-large number of USB serial devices causes a reference leak
when /proc/tty/drivers/usbserial is read.

Signed-Off-By: Matthias Urlichs <smurf@smurf.noris.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-09-12 03:10:20 -07:00
Greg Kroah-Hartman a969888ce9 [PATCH] USB: move usb-serial.h to include/linux/usb/
USB serial outside of the kernel tree can not build properly due to
usb-serial.h being buried down in the source tree.  This patch moves the
location of the file to include/linux/usb and fixes up all of the usb
serial drivers to handle the move properly.

Cc: Sergei Organov <osv@javad.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-07-12 16:03:25 -07:00
Pete Zaitcev 34f8e76172 [PATCH] USB: fix usb-serial leaks, oopses on disconnect
This fix addresses two issues:
- Unattached port structures were not freed
- My initial fix for crash when eventd runs a work in a freed port
  did not go far enough

Signed-off-by: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-07-12 16:03:21 -07:00
Jörn Engel 6ab3d5624e Remove obsolete #include <linux/config.h>
Signed-off-by: Jörn Engel <joern@wohnheim.fh-wedel.de>
Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-06-30 19:25:36 +02:00
Greg Kroah-Hartman 331b831983 [PATCH] devfs: Rename TTY_DRIVER_NO_DEVFS to TTY_DRIVER_DYNAMIC_DEV
I've always found this flag confusing.  Now that devfs is no longer around, it
has been renamed, and the documentation for when this flag should be used has
been updated.

Also fixes all drivers that use this flag.

Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-26 12:25:09 -07:00
Greg Kroah-Hartman f4eaa37017 [PATCH] devfs: Remove the tty_driver devfs_name field as it's no longer needed
Also fixes all drivers that set this field.

Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-26 12:25:09 -07:00
Luiz Fernando N. Capitulino db54a53d26 [PATCH] usbserial: Fixes wrong return values.
Some usbserial functions returns -EINVAL if the port doesn't exist or if
it's not opened. However, the right error code for such situations is
-ENODEV.

Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-21 15:04:18 -07:00
Frank Gevaerts b059c81af7 [PATCH] USB Serial: clean tty fields on failed device open
If either the driver's open() method or try_module_get() fails, we need to
set 'tty->driver_data' and 'port->tty' to NULL in serial_open(), otherwise
we'll get an OOPS in usb_device_disconnect() when the device is disconnected.

Signed-off-by: Frank Gevaerts <frank.gevaerts@fks.be>
Acked-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-21 15:04:17 -07:00
Pete Zaitcev 2f8ad9a1b9 [PATCH] USB: rmmod pl2303 after -28
Wait for the scheduled work to finish before freeing memory, prevent oops.
http://bugzilla.kernel.org/show_bug.cgi?id=6596

Signed-off-by: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-21 15:04:14 -07:00
Pete Zaitcev cf2c7481d2 [PATCH] USB serial: encapsulate schedule_work, remove double-calling
I'm going to throw schedule_work away, it's retarded. But for starters,
let's have it encapsulated.

Also, generic and whiteheat were both calling usb_serial_port_softint
and scheduled work. Only one was necessary.

Signed-off-by: Pete Zaitcev <zaitcev@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-21 15:04:13 -07:00
Guennadi Liakhovetski 73e487fdb7 [PATCH] USB console: fix disconnection issues
Prevent sending further output to a USB-serial console after the dongle is
disconnected, take care not to leak kref.

Signed-off-by: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-21 15:04:09 -07:00
Paul Fulghum ca85485c1f [PATCH] USB: console: prevent ENODEV on node
Prevent ENODEV on a /dev/ttyUSBx, used as a USB-serial console.

From: Paul Fulghum <paulkf@microgate.com>
Signed-off-by: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-06-21 15:04:09 -07:00
Luiz Fernando Capitulino 71a84163ca [PATCH] usbserial: Fixes leak in serial_open() error path.
If serial_open() fails at the port assignment or mutex_lock_interruptible()
is interrupted, the 'serial' object will never be freed.

We should call kref_put() when those errors happens.

Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-05-12 11:58:09 -07:00
Luiz Fernando Capitulino 704936a25b [PATCH] usbserial: Fixes use-after-free in serial_open().
If the device is disconnected while serial_open() is executing and
either try_module_get() or the device specific open function fails, the
kref_put() call in the 'bailout_kref_put' label will free the memory
pointed out by 'port'.

The subsequent dereferences in the 'bailout_kref_put' label will be
invalid.

The fix is just to assure kref_put() is called after any 'port' usage.

Signed-off-by: Luiz Fernando N. Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-05-12 11:58:09 -07:00
Luiz Fernando Capitulino 1ce7dd26e0 [PATCH] USB serial: Converts port semaphore to mutexes.
The usbserial's port semaphore used to synchronize serial_open()
and serial_close() are strict mutexes, convert them to the mutex
implementation.

Signed-off-by: Luiz Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-04-14 11:12:20 -07:00
Eric Sesterhenn 80b6ca4832 [PATCH] USB: kzalloc() conversion for rest of drivers/usb
Signed-off-by: Eric Sesterhenn <snakebyte@gmx.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-03-20 14:49:59 -08:00
Greg Kroah-Hartman 91c0bce29e [PATCH] USB Serial: fix use-after-free bug in usb-serial core
This fixes a use-after-free bug in the usb-serial core.  It is simple to
trigger this (open a usb-serial port, then yank the device out before
closing the port.)  Thanks to Stefan Seyfried <seife@suse.de> for
reporting this, and to the slab debugging code which enabled it to be
tracked down.

Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-03-06 13:29:00 -08:00
Adrian Bunk 93b1fae491 spelling: s/trough/through/
Additionally, one comment was reformulated by Joe Perches <joe@perches.com>.

Signed-off-by: Adrian Bunk <bunk@stusta.de>
2006-01-10 00:13:33 +01:00
Luiz Fernando Capitulino 8a4613f01f [PATCH] USB: usbserial: race-condition fix.
There is a race-condition in usb-serial driver that can be triggered if
a processes does 'port->tty->driver_data = NULL' in serial_close() while
other processes is in kernel-space about to call serial_ioctl() on the
same port.

This happens because a process can open the device while there is
another one closing it.

The patch below fixes that by adding a semaphore to ensure that no
process will open the device while another process is closing it.

Note that we can't use spinlocks here, since serial_open() and
serial_close() can sleep.

Signed-off-by: Luiz Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-01-04 13:48:35 -08:00
Luiz Fernando Capitulino 487f9c6710 [PATCH] USB: usbserial: Adds missing checks and bug fix.
Checks if 'port' is NULL before using it in all tty operations, this
can avoid NULL pointer dereferences.

Signed-off-by: Luiz Capitulino <lcapitulino@mandriva.com.br>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-01-04 13:48:35 -08:00
Greg Kroah-Hartman 75318d2d7c [PATCH] USB: remove .owner field from struct usb_driver
It is no longer needed, so let's remove it, saving a bit of memory.

Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-01-04 13:48:34 -08:00
Greg Kroah-Hartman ba9dc657af [PATCH] USB: allow usb drivers to disable dynamic ids
This lets drivers, like the usb-serial ones, disable the ability to add
ids from sysfs.

The usb-serial drivers are "odd" in that they are really usb-serial bus
drivers, not usb bus drivers, so the dynamic id logic will have to go
into the usb-serial bus core for those drivers to get that ability.

Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2006-01-04 13:48:32 -08:00